Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
documentos DHL.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsrCE63.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Zorillinae\Skaalpundet\Inkbslistes\Tset\Demodulationen\Iagttagerposition\Americanly.Unc
|
ASCII text, with very long lines (41286), with no line terminators
|
dropped
|
||
|
C:\Users\user\Zorillinae\Skaalpundet\Inkbslistes\Tset\Demodulationen\Iagttagerposition\Strukturerne.Pom
|
OpenPGP Public Key
|
dropped
|
||
|
C:\Users\user\Zorillinae\Skaalpundet\Inkbslistes\Tset\Demodulationen\Iagttagerposition\libpixbufloader-icns.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Windows\Resources\0409\Transcriptive.ini
|
ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\documentos DHL.exe
|
C:\Users\user\Desktop\documentos DHL.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Canaller\Kogenichernes\Vagtparaden
|
Sporocarpium
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Legendarian
|
Prefecture
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Tovtrkkeriet
|
Orkhon
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3110000
|
direct allocation
|
page execute and read and write
|
|
|
|
66EB5FF000
|
stack
|
page read and write
|
||
|
1C2C8EF0000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2309B857000
|
heap
|
page read and write
|
||
|
2654F65A000
|
heap
|
page read and write
|
||
|
1B650000000
|
heap
|
page read and write
|
||
|
17540602000
|
heap
|
page read and write
|
||
|
20CCA7D000
|
stack
|
page read and write
|
||
|
BB94C7A000
|
stack
|
page read and write
|
||
|
21140288000
|
heap
|
page read and write
|
||
|
17540480000
|
heap
|
page read and write
|
||
|
175404F0000
|
heap
|
page read and write
|
||
|
1C2C8000000
|
heap
|
page read and write
|
||
|
20A4D713000
|
heap
|
page read and write
|
||
|
2654F642000
|
heap
|
page read and write
|
||
|
211402C8000
|
heap
|
page read and write
|
||
|
2309C230000
|
heap
|
page read and write
|
||
|
1C2C8C90000
|
trusted library allocation
|
page read and write
|
||
|
1C2C803D000
|
heap
|
page read and write
|
||
|
1B650670000
|
trusted library allocation
|
page read and write
|
||
|
17540613000
|
heap
|
page read and write
|
||
|
2654F660000
|
heap
|
page read and write
|
||
|
2654F4B0000
|
heap
|
page read and write
|
||
|
1E695C46000
|
heap
|
page read and write
|
||
|
2309C122000
|
heap
|
page read and write
|
||
|
2654F66D000
|
heap
|
page read and write
|
||
|
21140245000
|
heap
|
page read and write
|
||
|
1E695C37000
|
heap
|
page read and write
|
||
|
8B237FF000
|
stack
|
page read and write
|
||
|
160D5636000
|
heap
|
page read and write
|
||
|
66EA95B000
|
stack
|
page read and write
|
||
|
2309C223000
|
heap
|
page read and write
|
||
|
2309C1BA000
|
heap
|
page read and write
|
||
|
2309C1D1000
|
heap
|
page read and write
|
||
|
1B650064000
|
heap
|
page read and write
|
||
|
1C2C7FF8000
|
heap
|
page read and write
|
||
|
2654F633000
|
heap
|
page read and write
|
||
|
1B65003C000
|
heap
|
page read and write
|
||
|
21140213000
|
heap
|
page read and write
|
||
|
7793DF9000
|
stack
|
page read and write
|
||
|
2654F677000
|
heap
|
page read and write
|
||
|
160D5602000
|
heap
|
page read and write
|
||
|
20A4D460000
|
heap
|
page read and write
|
||
|
2309C227000
|
heap
|
page read and write
|
||
|
2110000
|
heap
|
page read and write
|
||
|
1B650068000
|
heap
|
page read and write
|
||
|
BB9477F000
|
stack
|
page read and write
|
||
|
160D5BA0000
|
trusted library allocation
|
page read and write
|
||
|
20CCD7F000
|
stack
|
page read and write
|
||
|
20CCB7F000
|
stack
|
page read and write
|
||
|
1B64FEA0000
|
heap
|
page read and write
|
||
|
1E695C00000
|
heap
|
page read and write
|
||
|
2114022A000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
2309C154000
|
heap
|
page read and write
|
||
|
160D565C000
|
heap
|
page read and write
|
||
|
1B650013000
|
heap
|
page read and write
|
||
|
20A4D658000
|
heap
|
page read and write
|
||
|
1C2C8059000
|
heap
|
page read and write
|
||
|
2309B85B000
|
heap
|
page read and write
|
||
|
1C2C8260000
|
trusted library allocation
|
page read and write
|
||
|
1C2C8250000
|
heap
|
page read and write
|
||
|
C0E057E000
|
stack
|
page read and write
|
||
|
C0E067E000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
211400D0000
|
heap
|
page read and write
|
||
|
2654F67E000
|
heap
|
page read and write
|
||
|
21140313000
|
heap
|
page read and write
|
||
|
1DDD8FF000
|
stack
|
page read and write
|
||
|
2309C002000
|
heap
|
page read and write
|
||
|
66EACFF000
|
stack
|
page read and write
|
||
|
8B239FD000
|
stack
|
page read and write
|
||
|
160D5BD0000
|
remote allocation
|
page read and write
|
||
|
160D5440000
|
heap
|
page read and write
|
||
|
175405F0000
|
trusted library allocation
|
page read and write
|
||
|
20A4D600000
|
heap
|
page read and write
|
||
|
20CCE7E000
|
stack
|
page read and write
|
||
|
1E695C54000
|
heap
|
page read and write
|
||
|
20A4D613000
|
heap
|
page read and write
|
||
|
1DDD6FB000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1E696402000
|
trusted library allocation
|
page read and write
|
||
|
42D000
|
unkown
|
page read and write
|
||
|
21140200000
|
heap
|
page read and write
|
||
|
20A4D5F0000
|
remote allocation
|
page read and write
|
||
|
2309B88A000
|
heap
|
page read and write
|
||
|
1C2C803D000
|
heap
|
page read and write
|
||
|
1B650079000
|
heap
|
page read and write
|
||
|
2309B9B9000
|
heap
|
page read and write
|
||
|
1C2C7FF0000
|
heap
|
page read and write
|
||
|
21140140000
|
heap
|
page read and write
|
||
|
160D563D000
|
heap
|
page read and write
|
||
|
21140302000
|
heap
|
page read and write
|
||
|
647000
|
heap
|
page read and write
|
||
|
2309B888000
|
heap
|
page read and write
|
||
|
66EB2FE000
|
stack
|
page read and write
|
||
|
2654F613000
|
heap
|
page read and write
|
||
|
2309B813000
|
heap
|
page read and write
|
||
|
1C2C8F00000
|
trusted library allocation
|
page read and write
|
||
|
2654F667000
|
heap
|
page read and write
|
||
|
8B2327B000
|
stack
|
page read and write
|
||
|
604127F000
|
stack
|
page read and write
|
||
|
2654F66A000
|
heap
|
page read and write
|
||
|
1DDD0DB000
|
stack
|
page read and write
|
||
|
2309C143000
|
heap
|
page read and write
|
||
|
2309C122000
|
heap
|
page read and write
|
||
|
1B650002000
|
heap
|
page read and write
|
||
|
2654F624000
|
heap
|
page read and write
|
||
|
160D5BD0000
|
remote allocation
|
page read and write
|
||
|
20A4D63D000
|
heap
|
page read and write
|
||
|
160D53D0000
|
heap
|
page read and write
|
||
|
1C2C81E0000
|
heap
|
page read and write
|
||
|
160D5702000
|
heap
|
page read and write
|
||
|
21140A02000
|
heap
|
page read and write
|
||
|
6040A8C000
|
stack
|
page read and write
|
||
|
1C2C7F90000
|
trusted library allocation
|
page read and write
|
||
|
1E695C02000
|
heap
|
page read and write
|
||
|
8B236FF000
|
stack
|
page read and write
|
||
|
20A4D400000
|
heap
|
page read and write
|
||
|
17540629000
|
heap
|
page read and write
|
||
|
17540600000
|
heap
|
page read and write
|
||
|
C0E00CC000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
160D5629000
|
heap
|
page read and write
|
||
|
C0E014E000
|
stack
|
page read and write
|
||
|
1B650113000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
160D5613000
|
heap
|
page read and write
|
||
|
2654F684000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1C2C8F50000
|
trusted library allocation
|
page read and write
|
||
|
A516F7C000
|
stack
|
page read and write
|
||
|
2654F663000
|
heap
|
page read and write
|
||
|
20CC67B000
|
stack
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
2309B893000
|
heap
|
page read and write
|
||
|
20A4D560000
|
trusted library allocation
|
page read and write
|
||
|
60413FE000
|
stack
|
page read and write
|
||
|
6040F7C000
|
stack
|
page read and write
|
||
|
2309C102000
|
heap
|
page read and write
|
||
|
604137D000
|
stack
|
page read and write
|
||
|
2309B843000
|
heap
|
page read and write
|
||
|
1E695C13000
|
heap
|
page read and write
|
||
|
20A4D648000
|
heap
|
page read and write
|
||
|
20CC87D000
|
stack
|
page read and write
|
||
|
20CCF7F000
|
stack
|
page read and write
|
||
|
1C2C8C80000
|
trusted library allocation
|
page read and write
|
||
|
1B650058000
|
heap
|
page read and write
|
||
|
A51707F000
|
stack
|
page read and write
|
||
|
20A4D647000
|
heap
|
page read and write
|
||
|
2654F662000
|
heap
|
page read and write
|
||
|
7793FFB000
|
stack
|
page read and write
|
||
|
66EB4FD000
|
stack
|
page read and write
|
||
|
21140B00000
|
heap
|
page read and write
|
||
|
A516D7F000
|
stack
|
page read and write
|
||
|
20CCC7F000
|
stack
|
page read and write
|
||
|
1E695B60000
|
heap
|
page read and write
|
||
|
2654F64E000
|
heap
|
page read and write
|
||
|
1C2C8259000
|
heap
|
page read and write
|
||
|
17540713000
|
heap
|
page read and write
|
||
|
20A4D658000
|
heap
|
page read and write
|
||
|
A517179000
|
stack
|
page read and write
|
||
|
277F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
160D5600000
|
heap
|
page read and write
|
||
|
2654F63D000
|
heap
|
page read and write
|
||
|
2654F66B000
|
heap
|
page read and write
|
||
|
21140266000
|
heap
|
page read and write
|
||
|
2309C1AD000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
17540702000
|
heap
|
page read and write
|
||
|
20A4D702000
|
heap
|
page read and write
|
||
|
2309B829000
|
heap
|
page read and write
|
||
|
20A4D689000
|
heap
|
page read and write
|
||
|
2309B760000
|
heap
|
page read and write
|
||
|
20A4D580000
|
trusted library allocation
|
page read and write
|
||
|
211400E0000
|
heap
|
page read and write
|
||
|
215E000
|
stack
|
page read and write
|
||
|
267F000
|
stack
|
page read and write
|
||
|
A51690B000
|
stack
|
page read and write
|
||
|
1C2C8036000
|
heap
|
page read and write
|
||
|
2309B913000
|
heap
|
page read and write
|
||
|
1C2C8C20000
|
trusted library allocation
|
page read and write
|
||
|
BB947FF000
|
stack
|
page read and write
|
||
|
2114026E000
|
heap
|
page read and write
|
||
|
160D5BD0000
|
remote allocation
|
page read and write
|
||
|
2309C16E000
|
heap
|
page read and write
|
||
|
2654F67B000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
2654F665000
|
heap
|
page read and write
|
||
|
2309B893000
|
heap
|
page read and write
|
||
|
8B238FC000
|
stack
|
page read and write
|
||
|
2309B9E7000
|
heap
|
page read and write
|
||
|
1C2C8255000
|
heap
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
66EAD7C000
|
stack
|
page read and write
|
||
|
2654F600000
|
heap
|
page read and write
|
||
|
2654F5B0000
|
trusted library allocation
|
page read and write
|
||
|
20A4D700000
|
heap
|
page read and write
|
||
|
5A0000
|
trusted library allocation
|
page read and write
|
||
|
1E695BC0000
|
heap
|
page read and write
|
||
|
2654F631000
|
heap
|
page read and write
|
||
|
46E000
|
unkown
|
page readonly
|
||
|
1E695D02000
|
heap
|
page read and write
|
||
|
2309B826000
|
heap
|
page read and write
|
||
|
211402E1000
|
heap
|
page read and write
|
||
|
2654F440000
|
heap
|
page read and write
|
||
|
BB94B7F000
|
stack
|
page read and write
|
||
|
17540E02000
|
trusted library allocation
|
page read and write
|
||
|
1B650102000
|
heap
|
page read and write
|
||
|
2654F675000
|
heap
|
page read and write
|
||
|
20A4D718000
|
heap
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
160D5623000
|
heap
|
page read and write
|
||
|
1E695BF0000
|
trusted library allocation
|
page read and write
|
||
|
2654F450000
|
heap
|
page read and write
|
||
|
45E000
|
unkown
|
page readonly
|
||
|
1B650100000
|
heap
|
page read and write
|
||
|
219E000
|
stack
|
page read and write
|
||
|
2654F640000
|
heap
|
page read and write
|
||
|
2654F658000
|
heap
|
page read and write
|
||
|
1B650802000
|
trusted library allocation
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
1C2C8EE0000
|
heap
|
page readonly
|
||
|
2230000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
1B650028000
|
heap
|
page read and write
|
||
|
1C2C8ED0000
|
trusted library allocation
|
page read and write
|
||
|
2309B800000
|
heap
|
page read and write
|
||
|
683000
|
heap
|
page read and write
|
||
|
46E000
|
unkown
|
page readonly
|
||
|
1DDD7FB000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
BB94E7B000
|
stack
|
page read and write
|
||
|
1E695C3E000
|
heap
|
page read and write
|
||
|
2654F629000
|
heap
|
page read and write
|
||
|
20CC47C000
|
stack
|
page read and write
|
||
|
1754065B000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
69D000
|
heap
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
2654F657000
|
heap
|
page read and write
|
||
|
BB943BB000
|
stack
|
page read and write
|
||
|
2309C202000
|
heap
|
page read and write
|
||
|
C0E087F000
|
stack
|
page read and write
|
||
|
BB949FB000
|
stack
|
page read and write
|
||
|
8B235FF000
|
stack
|
page read and write
|
||
|
66EB17D000
|
stack
|
page read and write
|
||
|
2309C213000
|
heap
|
page read and write
|
||
|
BB94D7E000
|
stack
|
page read and write
|
||
|
2309B6F0000
|
heap
|
page read and write
|
||
|
1E695C2F000
|
heap
|
page read and write
|
||
|
20A4D71C000
|
heap
|
page read and write
|
||
|
7793E79000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
66EAF7C000
|
stack
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
20A4D662000
|
heap
|
page read and write
|
||
|
20A4D5F0000
|
remote allocation
|
page read and write
|
||
|
BB94A79000
|
stack
|
page read and write
|
||
|
2309B790000
|
trusted library allocation
|
page read and write
|
||
|
1B64FF10000
|
heap
|
page read and write
|
||
|
1DDD5FB000
|
stack
|
page read and write
|
||
|
2309B7B0000
|
trusted library allocation
|
page read and write
|
||
|
2654F67A000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page read and write
|
||
|
5F6000
|
heap
|
page read and write
|
||
|
A516E7A000
|
stack
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
17540675000
|
heap
|
page read and write
|
||
|
1E695C3B000
|
heap
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
20A4D62A000
|
heap
|
page read and write
|
||
|
45E000
|
unkown
|
page readonly
|
||
|
66EB3FE000
|
stack
|
page read and write
|
||
|
1E695C29000
|
heap
|
page read and write
|
||
|
2654F65C000
|
heap
|
page read and write
|
||
|
2234000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
2309B843000
|
heap
|
page read and write
|
||
|
2309B880000
|
heap
|
page read and write
|
||
|
20A4F002000
|
trusted library allocation
|
page read and write
|
||
|
20A4D602000
|
heap
|
page read and write
|
||
|
20A4D5B0000
|
trusted library allocation
|
page read and write
|
||
|
20A4D5F0000
|
remote allocation
|
page read and write
|
||
|
20A4D3F0000
|
heap
|
page read and write
|
||
|
211402BF000
|
heap
|
page read and write
|
||
|
2654F646000
|
heap
|
page read and write
|
||
|
1C2C803D000
|
heap
|
page read and write
|
||
|
2309B874000
|
heap
|
page read and write
|
||
|
2654F63A000
|
heap
|
page read and write
|
||
|
2654F647000
|
heap
|
page read and write
|
||
|
2309C200000
|
heap
|
page read and write
|
||
|
2654F702000
|
heap
|
page read and write
|
||
|
2309B88D000
|
heap
|
page read and write
|
||
|
66EB1FB000
|
stack
|
page read and write
|
||
|
2654F674000
|
heap
|
page read and write
|
||
|
211402D0000
|
heap
|
page read and write
|
||
|
160D53E0000
|
heap
|
page read and write
|
||
|
2654F645000
|
heap
|
page read and write
|
||
|
2654FE02000
|
trusted library allocation
|
page read and write
|
||
|
160D5C02000
|
trusted library allocation
|
page read and write
|
||
|
8B23BFC000
|
stack
|
page read and write
|
||
|
17540490000
|
heap
|
page read and write
|
||
|
20A4D657000
|
heap
|
page read and write
|
||
|
60411FE000
|
stack
|
page read and write
|
||
|
2784000
|
trusted library allocation
|
page read and write
|
||
|
1E695B70000
|
heap
|
page read and write
|
||
|
C0E01CE000
|
stack
|
page read and write
|
||
|
7793C7C000
|
stack
|
page read and write
|
||
|
20CC77F000
|
stack
|
page read and write
|
||
|
2309C100000
|
heap
|
page read and write
|
||
|
2309C18F000
|
heap
|
page read and write
|
||
|
2220000
|
trusted library allocation
|
page read and write
|
||
|
20A4EFA0000
|
trusted library allocation
|
page read and write
|
||
|
BB948FF000
|
stack
|
page read and write
|
||
|
20A4D648000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
2309B83C000
|
heap
|
page read and write
|
||
|
1C2C7F80000
|
heap
|
page read and write
|
||
|
45A000
|
unkown
|
page read and write
|
||
|
6040FFE000
|
stack
|
page read and write
|
||
|
2309B996000
|
heap
|
page read and write
|
||
|
2309C1C8000
|
heap
|
page read and write
|
||
|
1754063D000
|
heap
|
page read and write
|
||
|
21140170000
|
trusted library allocation
|
page read and write
|
||
|
7793EFF000
|
stack
|
page read and write
|
||
|
66EB07F000
|
stack
|
page read and write
|
||
|
1B64FEB0000
|
heap
|
page read and write
|
||
|
1754063A000
|
heap
|
page read and write
|
||
|
1C2C81C0000
|
heap
|
page read and write
|
||
|
2309B700000
|
heap
|
page read and write
|
||
|
C0E077E000
|
stack
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
1C2C8C10000
|
trusted library allocation
|
page read and write
|
There are 327 hidden memdumps, click here to show them.