Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\server.exe
|
C:\Users\user\Desktop\server.exe
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://31.41.
|
unknown
|
||
|
http://5.44.43.17/drew/f9GHjdJnehI_2BX/Ne5g2ordmIOToC91gh/mNbzuN3c2/5AW_2FtlsPkVoHj0AzU6/Pm6UGSYAVX5awiiNdCX/eNOyKJzs_2F6vuQoDvWCQ0/1kQi8Yq7709M2/upQopQi2/s9QJW0HP19fXNX5NpkaC7rS/XtTUHeQq7L/Mwx2fdHiqqVJIhw5T/ErHqsGRIPLQF/P1EQ7mB71HQ/eppTj5uvam1edz/PvmLkUCCoHuafjeSLYKxe/uQzSahqYp69cTJ2o/M6RFmPe3MSlVrTk/KwEVVAo6CnR9Fpgg/f20Iv.jlk
|
5.44.43.17
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
checklist.skype.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
5.44.43.17
|
unknown
|
Russian Federation
|
||
|
31.41.44.108
|
unknown
|
Russian Federation
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
53D8000
|
heap
|
page read and write
|
|
|
|
53D8000
|
heap
|
page read and write
|
|
|
|
53D8000
|
heap
|
page read and write
|
|
|
|
53D8000
|
heap
|
page read and write
|
|
|
|
53D8000
|
heap
|
page read and write
|
|
|
|
53D8000
|
heap
|
page read and write
|
|
|
|
53D8000
|
heap
|
page read and write
|
|
|
|
53D8000
|
heap
|
page read and write
|
|
|
|
53D8000
|
heap
|
page read and write
|
|
|
|
27696E80000
|
heap
|
page read and write
|
||
|
27697105000
|
heap
|
page read and write
|
||
|
27696F85000
|
heap
|
page read and write
|
||
|
5D2F000
|
stack
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
27697C00000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
411000
|
unkown
|
page write copy
|
||
|
B88257D000
|
stack
|
page read and write
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
53DB000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
53DB000
|
heap
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
27696F30000
|
trusted library allocation
|
page read and write
|
||
|
27696F48000
|
heap
|
page read and write
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
4DB9000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
5B2C000
|
stack
|
page read and write
|
||
|
403000
|
unkown
|
page execute and read and write
|
||
|
2BC8000
|
heap
|
page execute and read and write
|
||
|
27697100000
|
heap
|
page read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
27696FA9000
|
heap
|
page read and write
|
||
|
27696F8D000
|
heap
|
page read and write
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
27697110000
|
trusted library allocation
|
page read and write
|
||
|
4A40000
|
heap
|
page read and write
|
||
|
479C000
|
stack
|
page read and write
|
||
|
2B99000
|
unclassified section
|
page readonly
|
||
|
498E000
|
stack
|
page read and write
|
||
|
27696D40000
|
heap
|
page read and write
|
||
|
27696F50000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
276970D0000
|
heap
|
page readonly
|
||
|
47A0000
|
heap
|
page read and write
|
||
|
2BDE000
|
heap
|
page read and write
|
||
|
5E2E000
|
stack
|
page read and write
|
||
|
2AE9000
|
unkown
|
page readonly
|
||
|
276970C0000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
direct allocation
|
page execute and read and write
|
||
|
B8826F9000
|
stack
|
page read and write
|
||
|
27696FA5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
B88247F000
|
stack
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
2C25000
|
heap
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
5A2F000
|
stack
|
page read and write
|
||
|
582F000
|
stack
|
page read and write
|
||
|
27697E10000
|
trusted library allocation
|
page read and write
|
||
|
405000
|
unkown
|
page execute and read and write
|
||
|
48AC000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page write copy
|
||
|
27696EA0000
|
heap
|
page read and write
|
||
|
27696F8D000
|
heap
|
page read and write
|
||
|
592F000
|
stack
|
page read and write
|
||
|
4A1E000
|
stack
|
page read and write
|
||
|
27696D50000
|
trusted library allocation
|
page read and write
|
||
|
490E000
|
stack
|
page read and write
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
B8824FF000
|
stack
|
page read and write
|
||
|
27696F40000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page execute and read and write
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
27696F10000
|
trusted library allocation
|
page read and write
|
||
|
27696F20000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page execute and read and write
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
B88267E000
|
stack
|
page read and write
|
||
|
49DE000
|
stack
|
page read and write
|
||
|
4E8D000
|
stack
|
page read and write
|
||
|
27697E50000
|
trusted library allocation
|
page read and write
|
||
|
B8821FB000
|
stack
|
page read and write
|
||
|
2BBA000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
2B90000
|
unclassified section
|
page read and write
|
||
|
276970E0000
|
trusted library allocation
|
page read and write
|
||
|
2AE9000
|
unkown
|
page readonly
|
||
|
B88277F000
|
stack
|
page read and write
|
||
|
27697109000
|
heap
|
page read and write
|
||
|
2B30000
|
direct allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
B8825F9000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page read and write
|
||
|
2B9A000
|
unclassified section
|
page read and write
|
||
|
40F000
|
unkown
|
page execute read
|
||
|
2B91000
|
unclassified section
|
page execute read
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
27696F8D000
|
heap
|
page read and write
|
||
|
2B9C000
|
unclassified section
|
page readonly
|
||
|
4E38000
|
heap
|
page read and write
|
||
|
5C2A000
|
stack
|
page read and write
|
There are 98 hidden memdumps, click here to show them.