Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\8082-x64.dll.dll"
|
 |
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\8082-x64.dll.dll",#1
|
||
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\8082-x64.dll.dll
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\8082-x64.dll.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\8082-x64.dll.dll,DllGetClassObject
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\8082-x64.dll.dll,DllMain
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\8082-x64.dll.dll,DllRegisterServer
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://20.104.209.69:8082/broadcast
|
20.104.209.69
|
|
|
|
20.104.209.69
|
|
||
|
http://20.104.209.69:8082/1/events/com.amazon.csm.csa.prod
|
20.104.209.69
|
|
|
|
http://20.104.209.69:8082/broadcast?
|
unknown
|
||
|
http://20.104.209.69:8082/broadcastp
|
unknown
|
||
|
http://20.104.209.69:8082/broadcast((
|
unknown
|
||
|
https://www.amazon.com
|
unknown
|
||
|
http://20.104.209.69:8082/broadcast2
|
unknown
|
||
|
https://d22u79neyj432a.cloudfront.net/bfc50dfa-8e10-44b5-ae59-ac26bfc71489/54857e6d-c060-4b3c-914a-8
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
20.104.209.69
|
unknown
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
26760590000
|
direct allocation
|
page execute read
|
|
|
|
49B000
|
stack
|
page read and write
|
||
|
22AC5EF0000
|
heap
|
page read and write
|
||
|
C1ED4F9000
|
stack
|
page read and write
|
||
|
22AC5EA0000
|
heap
|
page read and write
|
||
|
26760440000
|
heap
|
page read and write
|
||
|
267601E0000
|
heap
|
page read and write
|
||
|
26762550000
|
direct allocation
|
page read and write
|
||
|
25C5B950000
|
heap
|
page read and write
|
||
|
20408AF0000
|
heap
|
page read and write
|
||
|
D9C3C7C000
|
stack
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
26760402000
|
unkown
|
page read and write
|
||
|
25D6E575000
|
heap
|
page read and write
|
||
|
25C5D560000
|
heap
|
page read and write
|
||
|
25D70290000
|
heap
|
page read and write
|
||
|
267603A1000
|
direct allocation
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
267605C1000
|
direct allocation
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
20408B70000
|
heap
|
page read and write
|
||
|
C4F90FF000
|
stack
|
page read and write
|
||
|
25D6E5F0000
|
heap
|
page read and write
|
||
|
20408880000
|
heap
|
page read and write
|
||
|
26760348000
|
unkown
|
page read and write
|
||
|
D9C3DFF000
|
stack
|
page read and write
|
||
|
C1ECFF5000
|
stack
|
page read and write
|
||
|
C1ED5FD000
|
stack
|
page read and write
|
||
|
26760400000
|
unkown
|
page read and write
|
||
|
26760460000
|
heap
|
page read and write
|
||
|
25D6E560000
|
heap
|
page read and write
|
||
|
25D6E5D0000
|
heap
|
page read and write
|
||
|
267603F8000
|
unkown
|
page read and write
|
||
|
22AC5CC0000
|
heap
|
page read and write
|
||
|
25D6E570000
|
heap
|
page read and write
|
||
|
26760320000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
204089D0000
|
heap
|
page read and write
|
||
|
75ED37E000
|
stack
|
page read and write
|
||
|
25C5D2C0000
|
heap
|
page read and write
|
||
|
7739A7E000
|
stack
|
page read and write
|
||
|
25D6FFB0000
|
heap
|
page read and write
|
||
|
25D6E640000
|
heap
|
page read and write
|
||
|
267603C6000
|
unkown
|
page read and write
|
||
|
77398FF000
|
stack
|
page read and write
|
||
|
773987C000
|
stack
|
page read and write
|
||
|
22AC5E00000
|
heap
|
page read and write
|
||
|
2040A3D0000
|
heap
|
page read and write
|
||
|
204089D8000
|
heap
|
page read and write
|
||
|
C1ECFFC000
|
stack
|
page read and write
|
||
|
25C5B905000
|
heap
|
page read and write
|
||
|
2040A3E0000
|
heap
|
page read and write
|
||
|
25C5B957000
|
heap
|
page read and write
|
||
|
C1ED2FE000
|
stack
|
page read and write
|
||
|
2676041E000
|
unkown
|
page read and write
|
||
|
25C5B8B0000
|
heap
|
page read and write
|
||
|
2676041A000
|
direct allocation
|
page read and write
|
||
|
26760412000
|
direct allocation
|
page read and write
|
||
|
22AC5E20000
|
heap
|
page read and write
|
||
|
D9C3CFE000
|
stack
|
page read and write
|
||
|
D9C3E7F000
|
stack
|
page read and write
|
||
|
C1ECCFD000
|
stack
|
page read and write
|
||
|
C1ED3FE000
|
stack
|
page read and write
|
||
|
267603F8000
|
heap
|
page read and write
|
||
|
26760585000
|
heap
|
page read and write
|
||
|
4D8000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
26760580000
|
heap
|
page read and write
|
||
|
C4F917E000
|
stack
|
page read and write
|
||
|
26760597000
|
direct allocation
|
page read and write
|
||
|
267603A7000
|
direct allocation
|
page read and write
|
||
|
22AC77B0000
|
heap
|
page read and write
|
||
|
26762569000
|
direct allocation
|
page read and write
|
||
|
2676039B000
|
unkown
|
page read and write
|
||
|
20408B75000
|
heap
|
page read and write
|
||
|
25C5B890000
|
heap
|
page read and write
|
||
|
C4F8DDE000
|
stack
|
page read and write
|
||
|
26760353000
|
unkown
|
page read and write
|
||
|
773997E000
|
stack
|
page read and write
|
||
|
C1ED0FF000
|
stack
|
page read and write
|
||
|
22AC6190000
|
heap
|
page read and write
|
||
|
2676041A000
|
unkown
|
page read and write
|
||
|
25C5B900000
|
heap
|
page read and write
|
||
|
D9C3D7F000
|
stack
|
page read and write
|
||
|
25D6E649000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
75ED27E000
|
stack
|
page read and write
|
||
|
26760416000
|
unkown
|
page read and write
|
||
|
22AC5EF8000
|
heap
|
page read and write
|
||
|
267603FE000
|
unkown
|
page read and write
|
||
|
2676041E000
|
direct allocation
|
page read and write
|
||
|
26762550000
|
direct allocation
|
page read and write
|
||
|
C4F907F000
|
stack
|
page read and write
|
||
|
26762550000
|
direct allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
26760428000
|
direct allocation
|
page read and write
|
||
|
267603A5000
|
unkown
|
page read and write
|
||
|
75ED2FE000
|
stack
|
page read and write
|
||
|
26760340000
|
unkown
|
page read and write
|
||
|
22AC6195000
|
heap
|
page read and write
|
||
|
C1ED1FE000
|
stack
|
page read and write
|
||
|
C4F8D5C000
|
stack
|
page read and write
|
||
|
267603C6000
|
direct allocation
|
page read and write
|
||
|
26760416000
|
direct allocation
|
page read and write
|
||
|
25C5B820000
|
heap
|
page read and write
|
||
|
267603FC000
|
unkown
|
page read and write
|
||
|
26762568000
|
direct allocation
|
page read and write
|
||
|
26762550000
|
direct allocation
|
page read and write
|
||
|
2676234E000
|
direct allocation
|
page read and write
|
||
|
75ECF8F000
|
stack
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
26762550000
|
direct allocation
|
page read and write
|
||
|
75ECF0C000
|
stack
|
page read and write
|
||
|
77399FF000
|
stack
|
page read and write
|
||
|
26760412000
|
unkown
|
page read and write
|
||
|
20408AD0000
|
heap
|
page read and write
|
There are 106 hidden memdumps, click here to show them.