Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\8082-x86.dll"
|
 |
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\8082-x86.dll",#1
|
||
|
C:\Windows\SysWOW64\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\8082-x86.dll
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\8082-x86.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\8082-x86.dll,DllGetClassObject
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\8082-x86.dll,DllMain
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\8082-x86.dll,DllRegisterServer
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://20.104.209.69:8082/broadcast
|
20.104.209.69
|
|
|
|
20.104.209.69
|
|
||
|
http://20.104.209.69:8082/1/events/com.amazon.csm.csa.prod
|
20.104.209.69
|
|
|
|
https://d22u79neyj432a.cloudfront.net/bfc50dfa-8e10-44b5-ae59-ac26bfc71489/54857e6d-c060-4b3c-914a-8
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
20.104.209.69
|
unknown
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
CE0000
|
direct allocation
|
page execute read
|
|
|
|
5554DFF000
|
stack
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
4890000
|
heap
|
page read and write
|
||
|
1318000
|
trusted library allocation
|
page read and write
|
||
|
130C000
|
trusted library allocation
|
page read and write
|
||
|
1304000
|
trusted library allocation
|
page read and write
|
||
|
22A8B6D9000
|
heap
|
page read and write
|
||
|
22A8B3F0000
|
heap
|
page read and write
|
||
|
28DA000
|
heap
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
12D8000
|
trusted library allocation
|
page read and write
|
||
|
27EF000
|
stack
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
22A8B448000
|
heap
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
22A8B2E0000
|
heap
|
page read and write
|
||
|
1314000
|
trusted library allocation
|
page read and write
|
||
|
1303000
|
trusted library allocation
|
page read and write
|
||
|
BDC000
|
stack
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
5E0000
|
trusted library allocation
|
page read and write
|
||
|
2C3B000
|
stack
|
page read and write
|
||
|
276E000
|
stack
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
2E2A000
|
heap
|
page read and write
|
||
|
12D8000
|
trusted library allocation
|
page read and write
|
||
|
410E000
|
stack
|
page read and write
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
direct allocation
|
page execute read
|
||
|
475E000
|
stack
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
E2E000
|
trusted library allocation
|
page read and write
|
||
|
22A8B180000
|
heap
|
page read and write
|
||
|
22A8B42D000
|
heap
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
130C000
|
trusted library allocation
|
page read and write
|
||
|
605000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
22A8B42D000
|
heap
|
page read and write
|
||
|
36E0000
|
trusted library allocation
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
1318000
|
trusted library allocation
|
page read and write
|
||
|
479F000
|
stack
|
page read and write
|
||
|
5554C79000
|
stack
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
22A8B2C0000
|
heap
|
page read and write
|
||
|
27FA000
|
heap
|
page read and write
|
||
|
22A8B6B0000
|
trusted library allocation
|
page read and write
|
||
|
22A8C040000
|
trusted library allocation
|
page read and write
|
||
|
32AE000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
22A8B426000
|
heap
|
page read and write
|
||
|
2380000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
30AA000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
130C000
|
trusted library allocation
|
page read and write
|
||
|
5554BF9000
|
stack
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page read and write
|
||
|
1318000
|
trusted library allocation
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
22A8B350000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
E58000
|
trusted library allocation
|
page read and write
|
||
|
12DA000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
22A8B3E0000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
1304000
|
trusted library allocation
|
page read and write
|
||
|
131C000
|
trusted library allocation
|
page read and write
|
||
|
976000
|
direct allocation
|
page read and write
|
||
|
22A8B6E0000
|
trusted library allocation
|
page read and write
|
||
|
22A8B42E000
|
heap
|
page read and write
|
||
|
12D8000
|
trusted library allocation
|
page read and write
|
||
|
57D000
|
stack
|
page read and write
|
||
|
131C000
|
trusted library allocation
|
page read and write
|
||
|
A7E000
|
stack
|
page read and write
|
||
|
131C000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
22A8B190000
|
trusted library allocation
|
page read and write
|
||
|
29EC000
|
stack
|
page read and write
|
||
|
4250000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
1304000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
22A8C290000
|
trusted library allocation
|
page read and write
|
||
|
1314000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
2AAC000
|
stack
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
22A8B6D5000
|
heap
|
page read and write
|
||
|
22A8B6D0000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
5554CFE000
|
stack
|
page read and write
|
||
|
35E1000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
130C000
|
trusted library allocation
|
page read and write
|
||
|
5554A7C000
|
stack
|
page read and write
|
||
|
22A8B360000
|
trusted library allocation
|
page read and write
|
||
|
1314000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
1318000
|
trusted library allocation
|
page read and write
|
||
|
22A8B6A0000
|
heap
|
page readonly
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
414F000
|
stack
|
page read and write
|
||
|
1304000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
5554D79000
|
stack
|
page read and write
|
||
|
4B1F000
|
stack
|
page read and write
|
||
|
28BE000
|
stack
|
page read and write
|
||
|
4BBF000
|
stack
|
page read and write
|
||
|
317D000
|
stack
|
page read and write
|
||
|
22A8B690000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
trusted library allocation
|
page read and write
|
||
|
1308000
|
trusted library allocation
|
page read and write
|
||
|
1308000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
22DC000
|
stack
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
23CB000
|
stack
|
page read and write
|
||
|
1314000
|
trusted library allocation
|
page read and write
|
||
|
2AEB000
|
stack
|
page read and write
|
||
|
22A8C250000
|
trusted library allocation
|
page read and write
|
||
|
ADD000
|
stack
|
page read and write
|
||
|
64B000
|
heap
|
page read and write
|
||
|
33C9000
|
trusted library allocation
|
page read and write
|
||
|
35D0000
|
trusted library section
|
page readonly
|
||
|
238B000
|
stack
|
page read and write
|
||
|
22A8B3C0000
|
trusted library allocation
|
page read and write
|
||
|
2D9C000
|
stack
|
page read and write
|
||
|
47D000
|
stack
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
2E8A000
|
heap
|
page read and write
|
||
|
22A8B427000
|
heap
|
page read and write
|
||
|
231B000
|
stack
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
327A000
|
stack
|
page read and write
|
||
|
286F000
|
stack
|
page read and write
|
||
|
12D8000
|
trusted library allocation
|
page read and write
|
||
|
6A4000
|
heap
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
1304000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
12D8000
|
trusted library allocation
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
12D8000
|
trusted library allocation
|
page read and write
|
||
|
1308000
|
trusted library allocation
|
page read and write
|
||
|
35E0000
|
heap
|
page read and write
|
||
|
1308000
|
trusted library allocation
|
page read and write
|
||
|
131C000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
trusted library allocation
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
2E9F000
|
stack
|
page read and write
|
||
|
BDA000
|
stack
|
page read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
2DDB000
|
stack
|
page read and write
|
||
|
12D8000
|
trusted library allocation
|
page read and write
|
||
|
1308000
|
trusted library allocation
|
page read and write
|
||
|
23FE000
|
stack
|
page read and write
|
||
|
36E0000
|
trusted library allocation
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
22A8B3E8000
|
heap
|
page read and write
|
||
|
A86000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
There are 171 hidden memdumps, click here to show them.