Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
D009780.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsn8FFA.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Anhydridizes.Imi121
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Staveren\Kolkhozy\Fatalists\Cassythaceae\Psammologist.Pan
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Staveren\Kolkhozy\Fatalists\Cassythaceae\libxml2-2.0.typelib
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Staveren\Kolkhozy\Fatalists\Cassythaceae\memstat.c
|
C source, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Staveren\Kolkhozy\Fatalists\Cassythaceae\selection-end-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\D009780.exe
|
C:\Users\user\Desktop\D009780.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fivefoldness\Endosseringerne\Fouragen
|
Arigue
|
||
|
HKEY_CURRENT_USER\Software\Fruticeta\Lavandin\Kingliest\Ernringsenhed
|
Legating
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
290F000
|
stack
|
page read and write
|
||
|
2207E057000
|
heap
|
page read and write
|
||
|
1C386702000
|
heap
|
page read and write
|
||
|
1BD7663C000
|
heap
|
page read and write
|
||
|
210A8F80000
|
trusted library allocation
|
page read and write
|
||
|
1C386600000
|
heap
|
page read and write
|
||
|
E367FE000
|
stack
|
page read and write
|
||
|
1DB1AB00000
|
heap
|
page read and write
|
||
|
24849722000
|
heap
|
page read and write
|
||
|
1DB1ACAE000
|
heap
|
page read and write
|
||
|
24848FB9000
|
heap
|
page read and write
|
||
|
1A8C8110000
|
heap
|
page read and write
|
||
|
1DB1BA50000
|
trusted library allocation
|
page read and write
|
||
|
24848E6D000
|
heap
|
page read and write
|
||
|
1DB1AECE000
|
heap
|
page read and write
|
||
|
1CB07ABA000
|
heap
|
page read and write
|
||
|
2240000
|
trusted library allocation
|
page read and write
|
||
|
18395213000
|
heap
|
page read and write
|
||
|
24848DA0000
|
trusted library allocation
|
page read and write
|
||
|
210A8FF0000
|
remote allocation
|
page read and write
|
||
|
2207DE20000
|
heap
|
page read and write
|
||
|
210A8F30000
|
heap
|
page read and write
|
||
|
AA3E5CC000
|
stack
|
page read and write
|
||
|
2207DF90000
|
trusted library allocation
|
page read and write
|
||
|
2207DE30000
|
heap
|
page read and write
|
||
|
24848E86000
|
heap
|
page read and write
|
||
|
21934FC000
|
stack
|
page read and write
|
||
|
24849722000
|
heap
|
page read and write
|
||
|
24849830000
|
heap
|
page read and write
|
||
|
1C386630000
|
heap
|
page read and write
|
||
|
473000
|
unkown
|
page read and write
|
||
|
2B10000
|
direct allocation
|
page execute and read and write
|
||
|
2207E802000
|
trusted library allocation
|
page read and write
|
||
|
24848FE5000
|
heap
|
page read and write
|
||
|
24849800000
|
heap
|
page read and write
|
||
|
1BD76613000
|
heap
|
page read and write
|
||
|
43C000
|
unkown
|
page read and write
|
||
|
24848E13000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1C38663C000
|
heap
|
page read and write
|
||
|
7DA000
|
heap
|
page read and write
|
||
|
1C386629000
|
heap
|
page read and write
|
||
|
2484976D000
|
heap
|
page read and write
|
||
|
24848E2C000
|
heap
|
page read and write
|
||
|
210A9113000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
24848E53000
|
heap
|
page read and write
|
||
|
1C38664C000
|
heap
|
page read and write
|
||
|
1DB1AC69000
|
heap
|
page read and write
|
||
|
1DB1ACC3000
|
heap
|
page read and write
|
||
|
AA3E9FF000
|
stack
|
page read and write
|
||
|
1BD76E02000
|
trusted library allocation
|
page read and write
|
||
|
18395160000
|
heap
|
page read and write
|
||
|
1CB07A6B000
|
heap
|
page read and write
|
||
|
21939FE000
|
stack
|
page read and write
|
||
|
1A8C8279000
|
heap
|
page read and write
|
||
|
210A9100000
|
heap
|
page read and write
|
||
|
210A907A000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
1A8C829A000
|
heap
|
page read and write
|
||
|
73AA07C000
|
stack
|
page read and write
|
||
|
24848F13000
|
heap
|
page read and write
|
||
|
7BF8C7F000
|
stack
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
24849711000
|
heap
|
page read and write
|
||
|
210A8FB0000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1A8C8170000
|
heap
|
page read and write
|
||
|
1DB1AD60000
|
heap
|
page read and write
|
||
|
1A8C8297000
|
heap
|
page read and write
|
||
|
1DB1ACA6000
|
heap
|
page read and write
|
||
|
1A8C8229000
|
heap
|
page read and write
|
||
|
21936FF000
|
stack
|
page read and write
|
||
|
24848E43000
|
heap
|
page read and write
|
||
|
1CB07A00000
|
heap
|
page read and write
|
||
|
210AAA70000
|
trusted library allocation
|
page read and write
|
||
|
1BD76650000
|
heap
|
page read and write
|
||
|
1BD76602000
|
heap
|
page read and write
|
||
|
1A8C827D000
|
heap
|
page read and write
|
||
|
210A9002000
|
heap
|
page read and write
|
||
|
2207E064000
|
heap
|
page read and write
|
||
|
2207E002000
|
heap
|
page read and write
|
||
|
7BF8F7F000
|
stack
|
page read and write
|
||
|
1CB07A86000
|
heap
|
page read and write
|
||
|
1A8C8272000
|
heap
|
page read and write
|
||
|
210A9086000
|
heap
|
page read and write
|
||
|
210A8FF0000
|
remote allocation
|
page read and write
|
||
|
E3657E000
|
stack
|
page read and write
|
||
|
2207DE90000
|
heap
|
page read and write
|
||
|
1A8C8274000
|
heap
|
page read and write
|
||
|
24848E00000
|
heap
|
page read and write
|
||
|
18395100000
|
heap
|
page read and write
|
||
|
1C386510000
|
heap
|
page read and write
|
||
|
1BD76623000
|
heap
|
page read and write
|
||
|
980777F000
|
stack
|
page read and write
|
||
|
E368FE000
|
stack
|
page read and write
|
||
|
1A8C8240000
|
heap
|
page read and write
|
||
|
1A8C823D000
|
heap
|
page read and write
|
||
|
673D87E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1A8C8248000
|
heap
|
page read and write
|
||
|
1CB07B02000
|
heap
|
page read and write
|
||
|
1DB1AB10000
|
trusted library allocation
|
page read and write
|
||
|
1A8C823A000
|
heap
|
page read and write
|
||
|
E366FE000
|
stack
|
page read and write
|
||
|
2207E113000
|
heap
|
page read and write
|
||
|
210A8F60000
|
trusted library allocation
|
page read and write
|
||
|
1C38665A000
|
heap
|
page read and write
|
||
|
1CB07AE1000
|
heap
|
page read and write
|
||
|
1DB1B800000
|
trusted library allocation
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
24849743000
|
heap
|
page read and write
|
||
|
AA3EAFE000
|
stack
|
page read and write
|
||
|
2193CFF000
|
stack
|
page read and write
|
||
|
1BD76600000
|
heap
|
page read and write
|
||
|
18395313000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
18395269000
|
heap
|
page read and write
|
||
|
798000
|
heap
|
page read and write
|
||
|
18395A02000
|
trusted library allocation
|
page read and write
|
||
|
2192E8C000
|
stack
|
page read and write
|
||
|
1A8C826D000
|
heap
|
page read and write
|
||
|
1DB1AED0000
|
trusted library allocation
|
page read and write
|
||
|
98076FD000
|
stack
|
page read and write
|
||
|
2207E028000
|
heap
|
page read and write
|
||
|
AA3EC79000
|
stack
|
page read and write
|
||
|
210A904C000
|
heap
|
page read and write
|
||
|
1BD76500000
|
heap
|
page read and write
|
||
|
C0B879B000
|
stack
|
page read and write
|
||
|
1A8C8245000
|
heap
|
page read and write
|
||
|
24848E8B000
|
heap
|
page read and write
|
||
|
1DB1AC40000
|
heap
|
page read and write
|
||
|
98079FE000
|
stack
|
page read and write
|
||
|
7BF88FC000
|
stack
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
1A8C8A02000
|
trusted library allocation
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
18395265000
|
heap
|
page read and write
|
||
|
AA3E97F000
|
stack
|
page read and write
|
||
|
1CB07A13000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7BF86FC000
|
stack
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
183950F0000
|
heap
|
page read and write
|
||
|
1DB1ACAE000
|
heap
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
1CB07830000
|
heap
|
page read and write
|
||
|
2193AFF000
|
stack
|
page read and write
|
||
|
24848E73000
|
heap
|
page read and write
|
||
|
24848E76000
|
heap
|
page read and write
|
||
|
24848E43000
|
heap
|
page read and write
|
||
|
1A8C825A000
|
heap
|
page read and write
|
||
|
1A8C8265000
|
heap
|
page read and write
|
||
|
2207E068000
|
heap
|
page read and write
|
||
|
24848D00000
|
heap
|
page read and write
|
||
|
248497BC000
|
heap
|
page read and write
|
||
|
7CA000
|
heap
|
page read and write
|
||
|
7BF8AFC000
|
stack
|
page read and write
|
||
|
AA3EF7F000
|
stack
|
page read and write
|
||
|
1A8C827A000
|
heap
|
page read and write
|
||
|
24849827000
|
heap
|
page read and write
|
||
|
1DB1BA70000
|
trusted library allocation
|
page read and write
|
||
|
C0B8DFC000
|
stack
|
page read and write
|
||
|
2207E079000
|
heap
|
page read and write
|
||
|
73AA1F9000
|
stack
|
page read and write
|
||
|
1CB08100000
|
heap
|
page read and write
|
||
|
1A8C8263000
|
heap
|
page read and write
|
||
|
1DB1ACAE000
|
heap
|
page read and write
|
||
|
AA3EBFC000
|
stack
|
page read and write
|
||
|
1A8C826A000
|
heap
|
page read and write
|
||
|
22C6000
|
heap
|
page read and write
|
||
|
2207E013000
|
heap
|
page read and write
|
||
|
7BF8B7B000
|
stack
|
page read and write
|
||
|
24849790000
|
heap
|
page read and write
|
||
|
1A8C8257000
|
heap
|
page read and write
|
||
|
1BD76629000
|
heap
|
page read and write
|
||
|
24849700000
|
heap
|
page read and write
|
||
|
1A8C81A0000
|
trusted library allocation
|
page read and write
|
||
|
24849708000
|
heap
|
page read and write
|
||
|
1C386570000
|
heap
|
page read and write
|
||
|
210A905C000
|
heap
|
page read and write
|
||
|
18395190000
|
trusted library allocation
|
page read and write
|
||
|
1DB1BA80000
|
trusted library allocation
|
page read and write
|
||
|
1DB1BA60000
|
heap
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
216E000
|
stack
|
page read and write
|
||
|
1C386E02000
|
trusted library allocation
|
page read and write
|
||
|
1A8C826B000
|
heap
|
page read and write
|
||
|
24849802000
|
heap
|
page read and write
|
||
|
210A9118000
|
heap
|
page read and write
|
||
|
1CB07AE6000
|
heap
|
page read and write
|
||
|
24849602000
|
heap
|
page read and write
|
||
|
1BD76702000
|
heap
|
page read and write
|
||
|
1C386602000
|
heap
|
page read and write
|
||
|
210A8FF0000
|
remote allocation
|
page read and write
|
||
|
C0B8FFF000
|
stack
|
page read and write
|
||
|
24848D10000
|
heap
|
page read and write
|
||
|
C0B8BFE000
|
stack
|
page read and write
|
||
|
1A8C827E000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
673D67E000
|
stack
|
page read and write
|
||
|
210A904B000
|
heap
|
page read and write
|
||
|
1C386648000
|
heap
|
page read and write
|
||
|
24848E90000
|
heap
|
page read and write
|
||
|
210A9069000
|
heap
|
page read and write
|
||
|
1C386644000
|
heap
|
page read and write
|
||
|
210A8EC0000
|
heap
|
page read and write
|
||
|
18395229000
|
heap
|
page read and write
|
||
|
1DB1AEC9000
|
heap
|
page read and write
|
||
|
E3647B000
|
stack
|
page read and write
|
||
|
1CB07A44000
|
heap
|
page read and write
|
||
|
2207E102000
|
heap
|
page read and write
|
||
|
1A8C824E000
|
heap
|
page read and write
|
||
|
1C38661F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2207E100000
|
heap
|
page read and write
|
||
|
210A9013000
|
heap
|
page read and write
|
||
|
2207E000000
|
heap
|
page read and write
|
||
|
18395276000
|
heap
|
page read and write
|
||
|
673D97C000
|
stack
|
page read and write
|
||
|
1CB077C0000
|
heap
|
page read and write
|
||
|
7BF8E7C000
|
stack
|
page read and write
|
||
|
1CB07AC4000
|
heap
|
page read and write
|
||
|
1C386613000
|
heap
|
page read and write
|
||
|
1DB1AEA0000
|
trusted library allocation
|
page read and write
|
||
|
1C3865A0000
|
trusted library allocation
|
page read and write
|
||
|
23CF000
|
stack
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page read and write
|
||
|
1BD76510000
|
heap
|
page read and write
|
||
|
24849823000
|
heap
|
page read and write
|
||
|
24848E29000
|
heap
|
page read and write
|
||
|
1839523D000
|
heap
|
page read and write
|
||
|
1CB07F90000
|
trusted library allocation
|
page read and write
|
||
|
210A905B000
|
heap
|
page read and write
|
||
|
98074FE000
|
stack
|
page read and write
|
||
|
24849702000
|
heap
|
page read and write
|
||
|
1BD76570000
|
heap
|
page read and write
|
||
|
248497AE000
|
heap
|
page read and write
|
||
|
7BF89FE000
|
stack
|
page read and write
|
||
|
210A905C000
|
heap
|
page read and write
|
||
|
18395302000
|
heap
|
page read and write
|
||
|
24849754000
|
heap
|
page read and write
|
||
|
6F351FE000
|
stack
|
page read and write
|
||
|
7BF82CB000
|
stack
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
18395202000
|
heap
|
page read and write
|
||
|
1CB07B13000
|
heap
|
page read and write
|
||
|
1A8C8200000
|
heap
|
page read and write
|
||
|
21937FD000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21938FF000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
73AA3F9000
|
stack
|
page read and write
|
||
|
AA3F07A000
|
stack
|
page read and write
|
||
|
210A903D000
|
heap
|
page read and write
|
||
|
1DB1B810000
|
trusted library allocation
|
page read and write
|
||
|
1CB07ACB000
|
heap
|
page read and write
|
||
|
673D4FD000
|
stack
|
page read and write
|
||
|
1CB08132000
|
heap
|
page read and write
|
||
|
1CB07A29000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1A8C8100000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page read and write
|
||
|
1DB1AECC000
|
heap
|
page read and write
|
||
|
980787D000
|
stack
|
page read and write
|
||
|
1DB1AEB0000
|
trusted library allocation
|
page read and write
|
||
|
1C386639000
|
heap
|
page read and write
|
||
|
21932FB000
|
stack
|
page read and write
|
||
|
1BD765D0000
|
remote allocation
|
page read and write
|
||
|
210A9102000
|
heap
|
page read and write
|
||
|
6F352FE000
|
stack
|
page read and write
|
||
|
1BD765A0000
|
trusted library allocation
|
page read and write
|
||
|
24849813000
|
heap
|
page read and write
|
||
|
E369FF000
|
stack
|
page read and write
|
||
|
24848D70000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
1A8C8213000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
1A8C8284000
|
heap
|
page read and write
|
||
|
9806FEB000
|
stack
|
page read and write
|
||
|
6F353FB000
|
stack
|
page read and write
|
||
|
1DB1BAD0000
|
trusted library allocation
|
page read and write
|
||
|
24848F8E000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
7BF867E000
|
stack
|
page read and write
|
||
|
24848E88000
|
heap
|
page read and write
|
||
|
21933FE000
|
stack
|
page read and write
|
||
|
AA3EE7A000
|
stack
|
page read and write
|
||
|
1C386520000
|
heap
|
page read and write
|
||
|
24848E58000
|
heap
|
page read and write
|
||
|
1A8C8233000
|
heap
|
page read and write
|
||
|
1A8C8244000
|
heap
|
page read and write
|
||
|
1CB077D0000
|
heap
|
page read and write
|
||
|
210AAC02000
|
trusted library allocation
|
page read and write
|
||
|
2207E03C000
|
heap
|
page read and write
|
||
|
2193BFF000
|
stack
|
page read and write
|
||
|
1BD765D0000
|
remote allocation
|
page read and write
|
||
|
2A10000
|
trusted library allocation
|
page read and write
|
||
|
24848E90000
|
heap
|
page read and write
|
||
|
210A904C000
|
heap
|
page read and write
|
||
|
1A8C8246000
|
heap
|
page read and write
|
||
|
24848DC0000
|
trusted library allocation
|
page read and write
|
||
|
1A8C8302000
|
heap
|
page read and write
|
||
|
1A8C8275000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
980747C000
|
stack
|
page read and write
|
||
|
673D77F000
|
stack
|
page read and write
|
||
|
673DC7C000
|
stack
|
page read and write
|
||
|
24848E3C000
|
heap
|
page read and write
|
||
|
24848E66000
|
heap
|
page read and write
|
||
|
24C4000
|
heap
|
page read and write
|
||
|
1A8C8258000
|
heap
|
page read and write
|
||
|
C0B8CF9000
|
stack
|
page read and write
|
||
|
210A902A000
|
heap
|
page read and write
|
||
|
210A9000000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
1DB1AEC5000
|
heap
|
page read and write
|
||
|
6F34BAB000
|
stack
|
page read and write
|
||
|
1BD76657000
|
heap
|
page read and write
|
||
|
73AA279000
|
stack
|
page read and write
|
||
|
1A8C8277000
|
heap
|
page read and write
|
||
|
1DB1AC60000
|
heap
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
210A8ED0000
|
heap
|
page read and write
|
||
|
1839525A000
|
heap
|
page read and write
|
||
|
1BD765D0000
|
remote allocation
|
page read and write
|
||
|
1A8C8241000
|
heap
|
page read and write
|
||
|
1A8C826F000
|
heap
|
page read and write
|
||
|
1A8C827B000
|
heap
|
page read and write
|
||
|
18395200000
|
heap
|
page read and write
|
||
|
673D0BC000
|
stack
|
page read and write
|
||
|
1C386669000
|
heap
|
page read and write
|
||
|
1C386652000
|
heap
|
page read and write
|
||
|
E364FE000
|
stack
|
page read and write
|
||
|
C0B8EFF000
|
stack
|
page read and write
|
||
|
673DA7D000
|
stack
|
page read and write
|
||
|
1CB08002000
|
heap
|
page read and write
|
||
|
1A8C8299000
|
heap
|
page read and write
|
||
|
43F000
|
unkown
|
page read and write
|
||
|
AA3ED7F000
|
stack
|
page read and write
|
||
|
6F350FB000
|
stack
|
page read and write
|
||
|
1A8C8259000
|
heap
|
page read and write
|
||
|
1DB1AEC0000
|
heap
|
page read and write
|
||
|
73AA2FF000
|
stack
|
page read and write
|
||
|
24848E4D000
|
heap
|
page read and write
|
||
|
1A8C8242000
|
heap
|
page read and write
|
||
|
1A8C8231000
|
heap
|
page read and write
|
||
|
7BF8D7E000
|
stack
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
There are 339 hidden memdumps, click here to show them.