Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL04AWB01173903102023PDF.scr.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nseEDA7.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsoF960.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Apicad\Outjinx\Nonnavigableness\Competed\Coccosteid.Udr
|
data
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Clavichordist\benenders\Actionfilm\Sortsrenheden\TableTextServiceYi.txt
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Clavichordist\benenders\Actionfilm\Sortsrenheden\Z_Custom2.ini
|
Generic INItialization configuration [allData0]
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Clavichordist\benenders\Actionfilm\Sortsrenheden\msado25.tlb
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Counts\Convolution\Dottily\ArtDeco_brown_22.bmp
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data,
big-endian, direntries=3], baseline, precision 8, 110x110, components 3
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Counts\Convolution\Dottily\Iconology.Ess
|
ASCII text, with very long lines (57606), with no line terminators
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Extracorpuscular\APM_DefConvertor.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Thonny\Yderligheders\Samtalernes\Sikkerhedsventilen\ContactsApi.dll
|
PE32+ executable (DLL) (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\Nonhieratical\Thonny\Yderligheders\Samtalernes\Sikkerhedsventilen\Sports-Wallpapers-1.jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x786,
components 3
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DHL04AWB01173903102023PDF.scr.exe
|
C:\Users\user\Desktop\DHL04AWB01173903102023PDF.scr.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://www.nero.com
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Goodtemperedness\Rendets
|
Skramles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Undisguisedness\Landboeres\Usseligt
|
Servicearbejde
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6825000
|
direct allocation
|
page execute and read and write
|
|
|
|
409000
|
unkown
|
page read and write
|
||
|
51A000
|
heap
|
page read and write
|
||
|
541000
|
heap
|
page read and write
|
||
|
539000
|
heap
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
448000
|
unkown
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
51F000
|
heap
|
page read and write
|
||
|
15EEDBE0000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
15EEDFE0000
|
trusted library allocation
|
page read and write
|
||
|
15EEDF60000
|
trusted library allocation
|
page read and write
|
||
|
15EEDDB0000
|
trusted library allocation
|
page read and write
|
||
|
50F000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
7225000
|
direct allocation
|
page execute and read and write
|
||
|
15EEEB90000
|
trusted library allocation
|
page read and write
|
||
|
15EEDE7B000
|
heap
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
15EEDDD0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
44C000
|
unkown
|
page read and write
|
||
|
15EEDF70000
|
heap
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
407000
|
unkown
|
page readonly
|
||
|
227E000
|
stack
|
page read and write
|
||
|
1FC61FE000
|
stack
|
page read and write
|
||
|
2948000
|
heap
|
page read and write
|
||
|
52E000
|
heap
|
page read and write
|
||
|
24F4000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
293F000
|
stack
|
page read and write
|
||
|
15EEDBF0000
|
trusted library allocation
|
page read and write
|
||
|
2942000
|
heap
|
page read and write
|
||
|
29B2000
|
heap
|
page read and write
|
||
|
15EEDE5C000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
15EEE0A0000
|
trusted library allocation
|
page read and write
|
||
|
15EEDF90000
|
trusted library allocation
|
page read and write
|
||
|
2328000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
15EEE095000
|
heap
|
page read and write
|
||
|
344C000
|
stack
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
51D000
|
heap
|
page read and write
|
||
|
4DA000
|
heap
|
page read and write
|
||
|
50B000
|
heap
|
page read and write
|
||
|
1FC5FF9000
|
stack
|
page read and write
|
||
|
549000
|
heap
|
page read and write
|
||
|
3152000
|
heap
|
page read and write
|
||
|
24E0000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
549000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
15EEDE20000
|
heap
|
page read and write
|
||
|
44E000
|
unkown
|
page readonly
|
||
|
2320000
|
heap
|
page read and write
|
||
|
1FC60FE000
|
stack
|
page read and write
|
||
|
299F000
|
heap
|
page read and write
|
||
|
1FC6079000
|
stack
|
page read and write
|
||
|
22F0000
|
trusted library section
|
page read and write
|
||
|
15EEDDC0000
|
trusted library allocation
|
page read and write
|
||
|
242F000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
22E0000
|
trusted library section
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
5E25000
|
direct allocation
|
page execute and read and write
|
||
|
15EEDE71000
|
heap
|
page read and write
|
||
|
15EEDE5C000
|
heap
|
page read and write
|
||
|
5425000
|
direct allocation
|
page execute and read and write
|
||
|
223E000
|
stack
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
542000
|
heap
|
page read and write
|
||
|
5260000
|
direct allocation
|
page execute and read and write
|
||
|
51D000
|
heap
|
page read and write
|
||
|
2300000
|
trusted library section
|
page read and write
|
||
|
526000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
15EEDE5C000
|
heap
|
page read and write
|
||
|
1FC6179000
|
stack
|
page read and write
|
||
|
15EEDE7A000
|
heap
|
page read and write
|
||
|
334D000
|
stack
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
1FC5E7C000
|
stack
|
page read and write
|
||
|
15EEE099000
|
heap
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
518000
|
heap
|
page read and write
|
||
|
542000
|
heap
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
7C25000
|
direct allocation
|
page execute and read and write
|
||
|
15EEE090000
|
heap
|
page read and write
|
||
|
15EEDE54000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
15EEDF80000
|
trusted library allocation
|
page read and write
|
||
|
15EEDD40000
|
heap
|
page read and write
|
||
|
50A000
|
heap
|
page read and write
|
||
|
15EEDE5B000
|
heap
|
page read and write
|
||
|
15EEDE18000
|
heap
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
15EEDD20000
|
heap
|
page read and write
|
||
|
15EEDE10000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
51F000
|
heap
|
page read and write
|
There are 101 hidden memdumps, click here to show them.