Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
download.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsp8E94.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Heize\Afreager.For
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Heize\Poserne\Bedugget39.Rus
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Heize\lang-1032.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\Heize\microphone-sensitivity-low-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\download.exe
|
C:\Users\user\Desktop\download.exe
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.avast.com0/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Congested\Named
|
Zoophagous
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Congested\Named
|
Zoophagous
|
||
|
HKEY_CURRENT_USER\Software\Studieplaner\Brnebogspris
|
Esurient57
|
||
|
HKEY_CURRENT_USER\Software\Miasms\Maskinskriverskerne38\Skrosten
|
Antigonorrheal
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
693F000
|
direct allocation
|
page execute and read and write
|
|
|
|
23EB1E00000
|
heap
|
page read and write
|
||
|
7AE000
|
unkown
|
page read and write
|
||
|
1BDEB45C000
|
heap
|
page read and write
|
||
|
1DA9206B000
|
heap
|
page read and write
|
||
|
20AA1890000
|
heap
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
349AF7B000
|
stack
|
page read and write
|
||
|
20281050000
|
heap
|
page read and write
|
||
|
23EB2802000
|
trusted library allocation
|
page read and write
|
||
|
2A5087F000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
23EB1DC0000
|
heap
|
page read and write
|
||
|
174C7D02000
|
heap
|
page read and write
|
||
|
46C3000
|
heap
|
page read and write
|
||
|
1AF6B028000
|
heap
|
page read and write
|
||
|
1DA92A02000
|
heap
|
page read and write
|
||
|
1BDEBC02000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
73B60000
|
unkown
|
page readonly
|
||
|
2028123A000
|
heap
|
page read and write
|
||
|
7A4000
|
unkown
|
page read and write
|
||
|
20AA2413000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
174C9720000
|
trusted library allocation
|
page read and write
|
||
|
20AA238F000
|
heap
|
page read and write
|
||
|
7206C7E000
|
stack
|
page read and write
|
||
|
20281258000
|
heap
|
page read and write
|
||
|
90D867E000
|
stack
|
page read and write
|
||
|
23EB1E64000
|
heap
|
page read and write
|
||
|
90D832B000
|
stack
|
page read and write
|
||
|
32AB000
|
stack
|
page read and write
|
||
|
787000
|
unkown
|
page read and write
|
||
|
20281A02000
|
trusted library allocation
|
page read and write
|
||
|
1BDEB502000
|
heap
|
page read and write
|
||
|
23EB1E73000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
2440000
|
heap
|
page read and write
|
||
|
20AA1720000
|
heap
|
page read and write
|
||
|
73B61000
|
unkown
|
page execute read
|
||
|
1DA92013000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1BDEB2B0000
|
heap
|
page read and write
|
||
|
202810A0000
|
heap
|
page read and write
|
||
|
20281213000
|
heap
|
page read and write
|
||
|
4705000
|
heap
|
page read and write
|
||
|
2B6F000
|
stack
|
page read and write
|
||
|
1BDEBBC0000
|
trusted library allocation
|
page read and write
|
||
|
23EB1E69000
|
heap
|
page read and write
|
||
|
20AA188C000
|
heap
|
page read and write
|
||
|
1AF6B113000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
20AA17E0000
|
trusted library allocation
|
page read and write
|
||
|
24BDCFD000
|
stack
|
page read and write
|
||
|
20281040000
|
heap
|
page read and write
|
||
|
240E000
|
stack
|
page read and write
|
||
|
20AA2423000
|
heap
|
page read and write
|
||
|
20AA1876000
|
heap
|
page read and write
|
||
|
B17000
|
heap
|
page read and write
|
||
|
2028124F000
|
heap
|
page read and write
|
||
|
20281241000
|
heap
|
page read and write
|
||
|
7C4B0AC000
|
stack
|
page read and write
|
||
|
23EB1E7B000
|
heap
|
page read and write
|
||
|
7206E7F000
|
stack
|
page read and write
|
||
|
1BDEB429000
|
heap
|
page read and write
|
||
|
1AF6B100000
|
heap
|
page read and write
|
||
|
1BDEB2C0000
|
heap
|
page read and write
|
||
|
20AA1800000
|
heap
|
page read and write
|
||
|
349AE7B000
|
stack
|
page read and write
|
||
|
23EB1E58000
|
heap
|
page read and write
|
||
|
1DA920C9000
|
heap
|
page read and write
|
||
|
12B8AA00000
|
heap
|
page read and write
|
||
|
174C7D18000
|
heap
|
page read and write
|
||
|
2ED8C7E000
|
stack
|
page read and write
|
||
|
1DA92B33000
|
heap
|
page read and write
|
||
|
553F000
|
direct allocation
|
page execute and read and write
|
||
|
20AA1873000
|
heap
|
page read and write
|
||
|
174C97A0000
|
remote allocation
|
page read and write
|
||
|
20281231000
|
heap
|
page read and write
|
||
|
23EB1E41000
|
heap
|
page read and write
|
||
|
20AA2202000
|
heap
|
page read and write
|
||
|
2ED907A000
|
stack
|
page read and write
|
||
|
1AF6B067000
|
heap
|
page read and write
|
||
|
90D83AE000
|
stack
|
page read and write
|
||
|
20AA2430000
|
heap
|
page read and write
|
||
|
23EB1F02000
|
heap
|
page read and write
|
||
|
20AA1829000
|
heap
|
page read and write
|
||
|
1BDEBBF0000
|
remote allocation
|
page read and write
|
||
|
1BDEB320000
|
heap
|
page read and write
|
||
|
1DA920E6000
|
heap
|
page read and write
|
||
|
7C4BC7D000
|
stack
|
page read and write
|
||
|
1DA920CB000
|
heap
|
page read and write
|
||
|
20AA198E000
|
heap
|
page read and write
|
||
|
12B8A810000
|
heap
|
page read and write
|
||
|
24BD9FF000
|
stack
|
page read and write
|
||
|
349B17E000
|
stack
|
page read and write
|
||
|
20281202000
|
heap
|
page read and write
|
||
|
20AA2343000
|
heap
|
page read and write
|
||
|
23EB1E43000
|
heap
|
page read and write
|
||
|
7D3F000
|
direct allocation
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
23EB1E3C000
|
heap
|
page read and write
|
||
|
2A5097F000
|
stack
|
page read and write
|
||
|
2446000
|
heap
|
page read and write
|
||
|
174C7C02000
|
heap
|
page read and write
|
||
|
7C7000
|
unkown
|
page readonly
|
||
|
24BDAFD000
|
stack
|
page read and write
|
||
|
174C7C13000
|
heap
|
page read and write
|
||
|
461D000
|
heap
|
page read and write
|
||
|
1DA92085000
|
heap
|
page read and write
|
||
|
2ED8CFF000
|
stack
|
page read and write
|
||
|
20AA2308000
|
heap
|
page read and write
|
||
|
174C9690000
|
trusted library allocation
|
page read and write
|
||
|
73B65000
|
unkown
|
page readonly
|
||
|
23EB1E33000
|
heap
|
page read and write
|
||
|
1BDEB454000
|
heap
|
page read and write
|
||
|
B49000
|
heap
|
page read and write
|
||
|
20281252000
|
heap
|
page read and write
|
||
|
20AA23AF000
|
heap
|
page read and write
|
||
|
174C96E0000
|
trusted library allocation
|
page read and write
|
||
|
45EF000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
780000
|
unkown
|
page read and write
|
||
|
720707D000
|
stack
|
page read and write
|
||
|
5F3F000
|
direct allocation
|
page execute and read and write
|
||
|
174C7C63000
|
heap
|
page read and write
|
||
|
26ED000
|
stack
|
page read and write
|
||
|
8773EFC000
|
stack
|
page read and write
|
||
|
12B8AB13000
|
heap
|
page read and write
|
||
|
7206D7F000
|
stack
|
page read and write
|
||
|
877427D000
|
stack
|
page read and write
|
||
|
1DA92040000
|
heap
|
page read and write
|
||
|
1DA920BA000
|
heap
|
page read and write
|
||
|
20AA2354000
|
heap
|
page read and write
|
||
|
1AF6B102000
|
heap
|
page read and write
|
||
|
12B8A800000
|
heap
|
page read and write
|
||
|
1AF6AF80000
|
trusted library allocation
|
page read and write
|
||
|
1AF6BA02000
|
trusted library allocation
|
page read and write
|
||
|
12B8A970000
|
trusted library allocation
|
page read and write
|
||
|
1AF6B059000
|
heap
|
page read and write
|
||
|
1AF6B082000
|
heap
|
page read and write
|
||
|
23EB1D50000
|
heap
|
page read and write
|
||
|
20AA1889000
|
heap
|
page read and write
|
||
|
23EB1D60000
|
heap
|
page read and write
|
||
|
174C7C00000
|
heap
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
202811A0000
|
trusted library allocation
|
page read and write
|
||
|
20AA183C000
|
heap
|
page read and write
|
||
|
20AA2302000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2690000
|
heap
|
page read and write
|
||
|
12B8AA02000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
24BDFFF000
|
stack
|
page read and write
|
||
|
2FAE000
|
heap
|
page read and write
|
||
|
174C7D00000
|
heap
|
page read and write
|
||
|
349A93C000
|
stack
|
page read and write
|
||
|
20AA1843000
|
heap
|
page read and write
|
||
|
12B8AA3D000
|
heap
|
page read and write
|
||
|
174C7D13000
|
heap
|
page read and write
|
||
|
23EB1E7C000
|
heap
|
page read and write
|
||
|
174C7C49000
|
heap
|
page read and write
|
||
|
23EB1E75000
|
heap
|
page read and write
|
||
|
1DA92000000
|
heap
|
page read and write
|
||
|
174C97A0000
|
remote allocation
|
page read and write
|
||
|
12B8AA24000
|
heap
|
page read and write
|
||
|
12B8AA75000
|
heap
|
page read and write
|
||
|
2028123C000
|
heap
|
page read and write
|
||
|
2ED937B000
|
stack
|
page read and write
|
||
|
20AA1913000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
23EB1E47000
|
heap
|
page read and write
|
||
|
20AA236B000
|
heap
|
page read and write
|
||
|
174C96B0000
|
trusted library allocation
|
page read and write
|
||
|
12B8A870000
|
heap
|
page read and write
|
||
|
2A5077C000
|
stack
|
page read and write
|
||
|
20AA23BC000
|
heap
|
page read and write
|
||
|
7C4B8FE000
|
stack
|
page read and write
|
||
|
23EB1E7A000
|
heap
|
page read and write
|
||
|
7C4B97B000
|
stack
|
page read and write
|
||
|
1DA91F30000
|
heap
|
page read and write
|
||
|
B55000
|
heap
|
page read and write
|
||
|
23EB1E61000
|
heap
|
page read and write
|
||
|
2ECA000
|
heap
|
page read and write
|
||
|
1DA920E1000
|
heap
|
page read and write
|
||
|
465F000
|
heap
|
page read and write
|
||
|
23EB1E5D000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
174C7C7D000
|
heap
|
page read and write
|
||
|
24BE1FF000
|
stack
|
page read and write
|
||
|
7C4BB7F000
|
stack
|
page read and write
|
||
|
2ED917F000
|
stack
|
page read and write
|
||
|
1AF6B013000
|
heap
|
page read and write
|
||
|
20AA2300000
|
heap
|
page read and write
|
||
|
1BDEB43D000
|
heap
|
page read and write
|
||
|
1AF6AEE0000
|
heap
|
page read and write
|
||
|
90D8AFF000
|
stack
|
page read and write
|
||
|
174C7BF0000
|
heap
|
page read and write
|
||
|
23EB1E6D000
|
heap
|
page read and write
|
||
|
174C7C48000
|
heap
|
page read and write
|
||
|
20AA1887000
|
heap
|
page read and write
|
||
|
23EB1E78000
|
heap
|
page read and write
|
||
|
1AF6AEF0000
|
heap
|
page read and write
|
||
|
174C7C59000
|
heap
|
page read and write
|
||
|
877398B000
|
stack
|
page read and write
|
||
|
7C4B7FC000
|
stack
|
page read and write
|
||
|
23EB1E3E000
|
heap
|
page read and write
|
||
|
23EB1E29000
|
heap
|
page read and write
|
||
|
1DA92102000
|
heap
|
page read and write
|
||
|
2028124C000
|
heap
|
page read and write
|
||
|
87740FD000
|
stack
|
page read and write
|
||
|
23EB1E60000
|
heap
|
page read and write
|
||
|
23EB1DF0000
|
trusted library allocation
|
page read and write
|
||
|
174C7C3D000
|
heap
|
page read and write
|
||
|
7C6000
|
unkown
|
page read and write
|
||
|
2A50679000
|
stack
|
page read and write
|
||
|
24BDEFF000
|
stack
|
page read and write
|
||
|
720668B000
|
stack
|
page read and write
|
||
|
23EB1E84000
|
heap
|
page read and write
|
||
|
20AA2427000
|
heap
|
page read and write
|
||
|
90D87FF000
|
stack
|
page read and write
|
||
|
7C4B67F000
|
stack
|
page read and write
|
||
|
23EB1E62000
|
heap
|
page read and write
|
||
|
87743FD000
|
stack
|
page read and write
|
||
|
4580000
|
heap
|
page read and write
|
||
|
7C4B4FC000
|
stack
|
page read and write
|
||
|
20AA1854000
|
heap
|
page read and write
|
||
|
B92000
|
heap
|
page read and write
|
||
|
1AF6B000000
|
heap
|
page read and write
|
||
|
20AA2322000
|
heap
|
page read and write
|
||
|
24BD67B000
|
stack
|
page read and write
|
||
|
174C9802000
|
trusted library allocation
|
page read and write
|
||
|
7C4BA7C000
|
stack
|
page read and write
|
||
|
12B8AA13000
|
heap
|
page read and write
|
||
|
23EB1E4F000
|
heap
|
page read and write
|
||
|
20AA2400000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
1DA91F90000
|
heap
|
page read and write
|
||
|
1AF6B07B000
|
heap
|
page read and write
|
||
|
2A5012B000
|
stack
|
page read and write
|
||
|
23EB1E76000
|
heap
|
page read and write
|
||
|
174C7B80000
|
heap
|
page read and write
|
||
|
2F4A000
|
heap
|
page read and write
|
||
|
2FFA000
|
heap
|
page read and write
|
||
|
20AA1858000
|
heap
|
page read and write
|
||
|
174C7C49000
|
heap
|
page read and write
|
||
|
BF5000
|
heap
|
page read and write
|
||
|
2F8C000
|
heap
|
page read and write
|
||
|
20AA1843000
|
heap
|
page read and write
|
||
|
8773E7F000
|
stack
|
page read and write
|
||
|
1DA91FC0000
|
trusted library allocation
|
page read and write
|
||
|
7C4B77E000
|
stack
|
page read and write
|
||
|
4980000
|
direct allocation
|
page execute and read and write
|
||
|
20AA1790000
|
heap
|
page read and write
|
||
|
1BDEB402000
|
heap
|
page read and write
|
||
|
20AA19B9000
|
heap
|
page read and write
|
||
|
20AA2402000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
24BE0FF000
|
stack
|
page read and write
|
||
|
20281302000
|
heap
|
page read and write
|
||
|
7C4BD7E000
|
stack
|
page read and write
|
||
|
2A5057E000
|
stack
|
page read and write
|
||
|
20AA1890000
|
heap
|
page read and write
|
||
|
349B07E000
|
stack
|
page read and write
|
||
|
1DA92029000
|
heap
|
page read and write
|
||
|
4681000
|
heap
|
page read and write
|
||
|
20AA1730000
|
heap
|
page read and write
|
||
|
20281200000
|
heap
|
page read and write
|
||
|
12B8AA55000
|
heap
|
page read and write
|
||
|
264F000
|
stack
|
page read and write
|
||
|
20281229000
|
heap
|
page read and write
|
||
|
995000
|
heap
|
page read and write
|
||
|
24BDDFF000
|
stack
|
page read and write
|
||
|
1DA91F20000
|
heap
|
page read and write
|
||
|
20AA1825000
|
heap
|
page read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
2ED8DFF000
|
stack
|
page read and write
|
||
|
174C7C2A000
|
heap
|
page read and write
|
||
|
B3C000
|
heap
|
page read and write
|
||
|
20AA19E5000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
1BDEB400000
|
heap
|
page read and write
|
||
|
23EB1E59000
|
heap
|
page read and write
|
||
|
1BDEBBF0000
|
remote allocation
|
page read and write
|
||
|
23EB1E13000
|
heap
|
page read and write
|
||
|
24BD87B000
|
stack
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
AC4000
|
heap
|
page read and write
|
||
|
7A9000
|
unkown
|
page read and write
|
||
|
23EB1E5B000
|
heap
|
page read and write
|
||
|
12B8B202000
|
trusted library allocation
|
page read and write
|
||
|
174C7C58000
|
heap
|
page read and write
|
||
|
90D89FE000
|
stack
|
page read and write
|
||
|
1BDEBBF0000
|
remote allocation
|
page read and write
|
||
|
1AF6B03E000
|
heap
|
page read and write
|
||
|
720727C000
|
stack
|
page read and write
|
||
|
1BDEB413000
|
heap
|
page read and write
|
||
|
B5B000
|
heap
|
page read and write
|
||
|
2ED927E000
|
stack
|
page read and write
|
||
|
73B63000
|
unkown
|
page readonly
|
||
|
174C7C59000
|
heap
|
page read and write
|
||
|
23EB1E7F000
|
heap
|
page read and write
|
||
|
23EB1E49000
|
heap
|
page read and write
|
||
|
174C7B90000
|
heap
|
page read and write
|
||
|
877417E000
|
stack
|
page read and write
|
||
|
23EB1E46000
|
heap
|
page read and write
|
||
|
20AA2322000
|
heap
|
page read and write
|
||
|
2ED8F79000
|
stack
|
page read and write
|
||
|
BF7000
|
heap
|
page read and write
|
||
|
1AF6B06A000
|
heap
|
page read and write
|
||
|
7206F7C000
|
stack
|
page read and write
|
||
|
733F000
|
direct allocation
|
page execute and read and write
|
||
|
2ED88FB000
|
stack
|
page read and write
|
||
|
23EB1E96000
|
heap
|
page read and write
|
||
|
23EB1E74000
|
heap
|
page read and write
|
||
|
12B8AB02000
|
heap
|
page read and write
|
||
|
12B8AA29000
|
heap
|
page read and write
|
||
|
785000
|
unkown
|
page read and write
|
||
|
20AA17C0000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
4B3F000
|
direct allocation
|
page execute and read and write
|
||
|
1AF6B002000
|
heap
|
page read and write
|
||
|
7C7000
|
unkown
|
page readonly
|
||
|
20AA1813000
|
heap
|
page read and write
|
||
|
77B000
|
unkown
|
page read and write
|
||
|
1DA920C3000
|
heap
|
page read and write
|
||
|
1DA92B00000
|
heap
|
page read and write
|
||
|
174C97A0000
|
remote allocation
|
page read and write
|
||
|
1AF6AF50000
|
heap
|
page read and write
|
||
|
90D88FE000
|
stack
|
page read and write
|
||
|
174C7C8A000
|
heap
|
page read and write
|
||
|
23EB1E66000
|
heap
|
page read and write
|
||
|
7A0000
|
unkown
|
page read and write
|
||
|
12B8AA5A000
|
heap
|
page read and write
|
||
|
2ED8EFB000
|
stack
|
page read and write
|
||
|
1DA92113000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
There are 330 hidden memdumps, click here to show them.