Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
06625899.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\22919964096183665961703616
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 4, database pages 45, cookie
0x3d, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\ProgramData\36067264576515806059430256
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie
0x19, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\ProgramData\50764714324176067669882221
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 4, database pages 45, cookie
0x3d, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\ProgramData\57469657185917597184786931
|
SQLite 3.x database, last written using SQLite version 3038005, file counter 17, database pages 7, 1st free page 5, free pages
2, cookie 0x13, schema 4, UTF-8, version-valid-for 17
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\06625899.exe
|
C:\Users\user\Desktop\06625899.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://t.me/
|
unknown
|
||
|
https://t.me/looking_glassbot
|
149.154.167.99
|
||
|
http://188.34.154.187:30303;
|
unknown
|
||
|
https://t.me/looking_glassbotJ
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
http://188.34.154.187:30303
|
unknown
|
||
|
http://188.34.154.187:30303/:
|
unknown
|
||
|
http://ctldl.windowsup30303/667e85c8112da056f901292caf82b3ed
|
unknown
|
||
|
http://188.34.154.187:30303//
|
unknown
|
||
|
http://188.34.154.187:30303/addon.zip=u&y
|
unknown
|
||
|
http://188.34.154.187:30303/n
|
unknown
|
||
|
http://188.34.154.187:30303/667e85c8112da056f901292caf82b3edZ5
|
unknown
|
||
|
https://search.yahoo.com?fr=crmas_sfpf
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
|
unknown
|
||
|
http://23.88.46.113/667e85c8112da056f901292caf82b3ed8
|
unknown
|
||
|
http://23.88.46.113/667e85c8112da056f901292caf82b3edx
|
unknown
|
||
|
http://188.34.154.187:30303/e5
|
unknown
|
||
|
http://23.88.46.113:8A
|
unknown
|
||
|
https://t.me/looking_glassbotC
|
unknown
|
||
|
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=
|
unknown
|
||
|
https://freebl3.dllmozglue.dllmsvcp140.dllnss3.dllsoftokn3.dllvcruntime140.dll
|
unknown
|
||
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://search.yahoo.com?fr=crmas_sfp
|
unknown
|
||
|
http://188.34.154.187:30303/T
|
unknown
|
||
|
https://t.me/V
|
unknown
|
||
|
http://23.88.46.113/667e85c8112da056f901292caf82b3ed
|
unknown
|
||
|
http://23.88.46.113:80
|
unknown
|
||
|
http://188.34.154.187:30303/667e85c8112da056f901292caf82b3ed
|
188.34.154.187
|
||
|
https://steamcommunity.com/profiles/76561199508624021
|
|||
|
http://188.34.154.187:30303/CVOHV.xlsx
|
unknown
|
||
|
http://188.34.154.187:30303/addon.zip
|
188.34.154.187
|
||
|
http://23.88.46.113:80/
|
unknown
|
||
|
http://188.34.154.187:30303/
|
188.34.154.187
|
||
|
http://23.88.46.113:80peppppzxc.ziphttps://t.me/looking_glassbotlookataddon.zipMozilla/5.0
|
unknown
|
||
|
http://188.34.154.187:30303/addon.zip&u;y
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
http://188.34.154.187:30303/addon.zip0
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://steamcommunity.com/profiles/76561199508624021openopen_NULL%s
|
unknown
|
There are 32 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
t.me
|
149.154.167.99
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.34.154.187
|
unknown
|
Germany
|
||
|
149.154.167.99
|
t.me
|
United Kingdom
|
||
|
23.88.46.113
|
unknown
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2320000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
2380000
|
direct allocation
|
page read and write
|
|
|
|
7D4000
|
heap
|
page read and write
|
||
|
3020000
|
remote allocation
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
61ECC000
|
direct allocation
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2A5F000
|
stack
|
page read and write
|
||
|
243E000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
61ECD000
|
direct allocation
|
page readonly
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
464000
|
unkown
|
page execute and read and write
|
||
|
2E9C000
|
stack
|
page read and write
|
||
|
8CB000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
31BB000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
17A000
|
stack
|
page read and write
|
||
|
61E01000
|
direct allocation
|
page execute read
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
B1F000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E5B0000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
61ED3000
|
direct allocation
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E143000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
3020000
|
remote allocation
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E040000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
31BB000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
3020000
|
remote allocation
|
page read and write
|
||
|
61ED0000
|
direct allocation
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
81E000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
260D000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E680000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
EE1D000
|
heap
|
page read and write
|
||
|
32EE000
|
heap
|
page read and write
|
||
|
61EB7000
|
direct allocation
|
page readonly
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
61ED4000
|
direct allocation
|
page readonly
|
||
|
61EB4000
|
direct allocation
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
178000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7FA3000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E052000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
31AF000
|
heap
|
page read and write
|
||
|
E670000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E681000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2D5A000
|
stack
|
page read and write
|
||
|
23BE000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
258F000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
31BF000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
315F000
|
stack
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
E90A000
|
heap
|
page read and write
|
||
|
31BF000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
31AA000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
3277000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E58C000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
61E00000
|
direct allocation
|
page execute and read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E030000
|
heap
|
page read and write
|
||
|
467000
|
unkown
|
page execute and read and write
|
||
|
E05E000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
3570000
|
unclassified section
|
page read and write
|
||
|
31AF000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
31BF000
|
heap
|
page read and write
|
||
|
E48C000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2B5F000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
68C000
|
unkown
|
page readonly
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
446000
|
unkown
|
page write copy
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
E681000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
82A000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
318B000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
DF12000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
E900000
|
heap
|
page read and write
|
||
|
8F2000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
2318000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
23FE000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
3299000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
68C000
|
unkown
|
page readonly
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
838000
|
heap
|
page execute and read and write
|
||
|
86A000
|
heap
|
page read and write
|
||
|
317A000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
25C5000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
247E000
|
stack
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
||
|
7D4000
|
heap
|
page read and write
|
There are 256 hidden memdumps, click here to show them.