Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DEKONT.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\DEKONT.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 63
|
ASCII text, with very long lines (1746)
|
downloaded
|
||
|
Chrome Cache Entry: 64
|
ASCII text, with very long lines (769)
|
downloaded
|
||
|
Chrome Cache Entry: 65
|
ASCII text, with very long lines (770)
|
downloaded
|
||
|
Chrome Cache Entry: 66
|
PNG image data, 106 x 5210, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 67
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 68
|
ASCII text, with very long lines (2200)
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
ASCII text, with very long lines (736)
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
ASCII text, with very long lines (1658)
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
ASCII text, with very long lines (65531)
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
PNG image data, 106 x 5210, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 73
|
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 74
|
ASCII text, with very long lines (3572), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 75
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 76
|
ASCII text, with very long lines (2124)
|
downloaded
|
||
|
Chrome Cache Entry: 77
|
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
|
dropped
|
||
|
Chrome Cache Entry: 78
|
ASCII text, with very long lines (2956)
|
downloaded
|
||
|
Chrome Cache Entry: 79
|
HTML document, ASCII text, with very long lines (20704)
|
downloaded
|
||
|
Chrome Cache Entry: 80
|
ASCII text
|
downloaded
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DEKONT.exe
|
"C:\Users\user\Desktop\DEKONT.exe"
|
|
|
|
C:\Users\user\Desktop\DEKONT.exe
|
"C:\Users\user\Desktop\DEKONT.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://545930702158920859543557034480401517872328570392444593641395838190185/
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1984,i,5147701504775830983,442634706255467901,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ogs.google.com/
|
unknown
|
||
|
http://www.broofa.com
|
unknown
|
||
|
https://apis.google.com/js/api.js
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/89.187.182.8
|
172.67.177.134
|
||
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://www.google.com/async/newtab_promos
|
142.250.191.196
|
||
|
https://play.google.com/log?format=json&hasfast=true&authuser=0
|
142.250.190.46
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
|
unknown
|
||
|
https://plus.google.com
|
unknown
|
||
|
https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
|
unknown
|
||
|
https://www.google.com/async/ddljson?async=ntp:2
|
142.250.191.196
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.250.191.196
|
||
|
http://checkip.dyndns.org/
|
132.226.8.169
|
||
|
https://csp.withgoogle.com/csp/lcreport/
|
unknown
|
||
|
https://ogs.google.com/widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en
|
|||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://scratchdreams.tk
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SCWmpDDGjPk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_Pl64J0IIHlj2zBtEJ3ZwdaJC3HA/cb=gapi.loaded_0
|
142.250.191.142
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://scratchdreams.tk/_send_.php?TS
|
172.67.169.18
|
||
|
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
|
142.250.191.196
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://ogs.google.com/widget/app/so
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/89.187.182.8$
|
unknown
|
||
|
https://domains.google.com/suggest/flow
|
unknown
|
||
|
http://scratchdreams.tk
|
unknown
|
||
|
https://clients6.google.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 23 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
checkip.dyndns.org
|
unknown
|
|
|
|
plus.l.google.com
|
142.250.191.142
|
||
|
www3.l.google.com
|
142.250.191.110
|
||
|
play.google.com
|
142.250.190.46
|
||
|
reallyfreegeoip.org
|
172.67.177.134
|
||
|
www.google.com
|
142.250.191.196
|
||
|
scratchdreams.tk
|
172.67.169.18
|
||
|
checkip.dyndns.com
|
132.226.8.169
|
||
|
ogs.google.com
|
unknown
|
||
|
apis.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
132.226.8.169
|
checkip.dyndns.com
|
United States
|
||
|
142.250.190.142
|
unknown
|
United States
|
||
|
142.250.190.46
|
play.google.com
|
United States
|
||
|
192.168.2.6
|
unknown
|
unknown
|
||
|
192.168.2.22
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
172.67.169.18
|
scratchdreams.tk
|
United States
|
||
|
142.250.191.110
|
www3.l.google.com
|
United States
|
||
|
142.250.191.142
|
plus.l.google.com
|
United States
|
||
|
172.67.177.134
|
reallyfreegeoip.org
|
United States
|
||
|
142.250.191.196
|
www.google.com
|
United States
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DEKONT_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2811000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
29C7000
|
trusted library allocation
|
page read and write
|
|
|
|
5C90000
|
trusted library section
|
page read and write
|
|
|
|
31C9000
|
trusted library allocation
|
page read and write
|
|
|
|
42CE000
|
trusted library allocation
|
page read and write
|
|
|
|
7460000
|
trusted library allocation
|
page execute and read and write
|
||
|
1408000
|
heap
|
page read and write
|
||
|
1496000
|
heap
|
page read and write
|
||
|
4D25000
|
trusted library allocation
|
page read and write
|
||
|
2A79000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
D74000
|
unkown
|
page readonly
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
CE2000
|
unkown
|
page readonly
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
D35000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A56000
|
trusted library allocation
|
page read and write
|
||
|
3898000
|
trusted library allocation
|
page read and write
|
||
|
3161000
|
trusted library allocation
|
page read and write
|
||
|
5C4E000
|
stack
|
page read and write
|
||
|
6B10000
|
heap
|
page read and write
|
||
|
275E000
|
stack
|
page read and write
|
||
|
29B4000
|
trusted library allocation
|
page read and write
|
||
|
630E000
|
stack
|
page read and write
|
||
|
5860000
|
heap
|
page execute and read and write
|
||
|
3159000
|
trusted library allocation
|
page read and write
|
||
|
29B7000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
140E000
|
heap
|
page read and write
|
||
|
D03000
|
trusted library allocation
|
page execute and read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
2952000
|
trusted library allocation
|
page read and write
|
||
|
2A6A000
|
trusted library allocation
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
2AB3000
|
trusted library allocation
|
page read and write
|
||
|
5637000
|
trusted library allocation
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
28FB000
|
trusted library allocation
|
page read and write
|
||
|
1392000
|
trusted library allocation
|
page read and write
|
||
|
A63F000
|
stack
|
page read and write
|
||
|
D26000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AF5000
|
heap
|
page read and write
|
||
|
52AE000
|
unkown
|
page read and write
|
||
|
4E60000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
5F4E000
|
stack
|
page read and write
|
||
|
7E3E000
|
stack
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
296F000
|
trusted library allocation
|
page read and write
|
||
|
40F1000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
A39000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
D04000
|
trusted library allocation
|
page read and write
|
||
|
18D0000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
7380000
|
heap
|
page read and write
|
||
|
A96000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
7520000
|
trusted library allocation
|
page read and write
|
||
|
298B000
|
trusted library allocation
|
page read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
4D1D000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2912000
|
trusted library allocation
|
page read and write
|
||
|
14D2000
|
heap
|
page read and write
|
||
|
1373000
|
trusted library allocation
|
page execute and read and write
|
||
|
143E000
|
heap
|
page read and write
|
||
|
D1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
295A000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
2AA6000
|
trusted library allocation
|
page read and write
|
||
|
56F3000
|
heap
|
page read and write
|
||
|
63CE000
|
stack
|
page read and write
|
||
|
557B000
|
trusted library allocation
|
page read and write
|
||
|
522C000
|
stack
|
page read and write
|
||
|
50AD000
|
stack
|
page read and write
|
||
|
512C000
|
stack
|
page read and write
|
||
|
5632000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
1396000
|
trusted library allocation
|
page execute and read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
28CF000
|
trusted library allocation
|
page read and write
|
||
|
D0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
1426000
|
heap
|
page read and write
|
||
|
28E7000
|
trusted library allocation
|
page read and write
|
||
|
D2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
13AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
4D22000
|
trusted library allocation
|
page read and write
|
||
|
A37000
|
trusted library allocation
|
page read and write
|
||
|
2A7D000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
7360000
|
heap
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1157000
|
stack
|
page read and write
|
||
|
18E0000
|
heap
|
page read and write
|
||
|
18E7000
|
heap
|
page read and write
|
||
|
7470000
|
trusted library allocation
|
page read and write
|
||
|
2A74000
|
trusted library allocation
|
page read and write
|
||
|
7962000
|
trusted library allocation
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
CCB000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page execute and read and write
|
||
|
1620000
|
heap
|
page read and write
|
||
|
2946000
|
trusted library allocation
|
page read and write
|
||
|
3811000
|
trusted library allocation
|
page read and write
|
||
|
28FE000
|
trusted library allocation
|
page read and write
|
||
|
4E50000
|
heap
|
page execute and read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
4147000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
trusted library allocation
|
page read and write
|
||
|
294A000
|
trusted library allocation
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
61CF000
|
stack
|
page read and write
|
||
|
137D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E63000
|
heap
|
page read and write
|
||
|
18C0000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
13A2000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
618D000
|
stack
|
page read and write
|
||
|
1059000
|
stack
|
page read and write
|
||
|
D32000
|
trusted library allocation
|
page read and write
|
||
|
559D000
|
trusted library allocation
|
page read and write
|
||
|
7480000
|
trusted library allocation
|
page execute and read and write
|
||
|
55A2000
|
trusted library allocation
|
page read and write
|
||
|
2A61000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
D22000
|
trusted library allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
294E000
|
trusted library allocation
|
page read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
CE0000
|
unkown
|
page readonly
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
752E000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
trusted library section
|
page readonly
|
||
|
8E57000
|
trusted library allocation
|
page read and write
|
||
|
7397000
|
heap
|
page read and write
|
||
|
B4E000
|
heap
|
page read and write
|
||
|
5C80000
|
trusted library section
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
770E000
|
stack
|
page read and write
|
||
|
139A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5CA000
|
stack
|
page read and write
|
||
|
15FF000
|
stack
|
page read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
C3B000
|
trusted library allocation
|
page read and write
|
||
|
5591000
|
trusted library allocation
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
40F9000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
2AE4000
|
trusted library allocation
|
page read and write
|
||
|
30BD000
|
stack
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
3873000
|
trusted library allocation
|
page read and write
|
||
|
604F000
|
stack
|
page read and write
|
||
|
3629000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page read and write
|
||
|
4D16000
|
trusted library allocation
|
page read and write
|
||
|
B1D000
|
heap
|
page read and write
|
||
|
5C50000
|
trusted library section
|
page read and write
|
||
|
A43E000
|
stack
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
28C3000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
1434000
|
heap
|
page read and write
|
||
|
D78000
|
unkown
|
page readonly
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
41E3000
|
trusted library allocation
|
page read and write
|
||
|
A53F000
|
stack
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2962000
|
trusted library allocation
|
page read and write
|
||
|
5A5D000
|
stack
|
page read and write
|
||
|
A8A000
|
heap
|
page read and write
|
||
|
2942000
|
trusted library allocation
|
page read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
5AF0000
|
heap
|
page read and write
|
||
|
55B5000
|
trusted library allocation
|
page read and write
|
||
|
5640000
|
trusted library allocation
|
page execute and read and write
|
||
|
D3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
5596000
|
trusted library allocation
|
page read and write
|
||
|
28B2000
|
trusted library allocation
|
page read and write
|
||
|
28B7000
|
trusted library allocation
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
4D11000
|
trusted library allocation
|
page read and write
|
||
|
2AAD000
|
trusted library allocation
|
page read and write
|
||
|
8E40000
|
trusted library allocation
|
page read and write
|
||
|
D37000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
4CF6000
|
trusted library allocation
|
page read and write
|
||
|
57BB000
|
stack
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
28CC000
|
trusted library allocation
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
2998000
|
trusted library allocation
|
page read and write
|
||
|
2A5B000
|
trusted library allocation
|
page read and write
|
||
|
1383000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
297D000
|
trusted library allocation
|
page read and write
|
||
|
49AE000
|
stack
|
page read and write
|
||
|
303F000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page execute and read and write
|
||
|
5B35000
|
heap
|
page read and write
|
||
|
2956000
|
trusted library allocation
|
page read and write
|
||
|
5B00000
|
heap
|
page read and write
|
||
|
28BA000
|
trusted library allocation
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
76CE000
|
stack
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
4D0A000
|
trusted library allocation
|
page read and write
|
||
|
8F7000
|
stack
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
heap
|
page read and write
|
||
|
1374000
|
trusted library allocation
|
page read and write
|
||
|
5CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
388F000
|
trusted library allocation
|
page read and write
|
||
|
736C000
|
heap
|
page read and write
|
||
|
30F1000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
heap
|
page execute and read and write
|
||
|
51AF000
|
stack
|
page read and write
|
||
|
295E000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
1441000
|
heap
|
page read and write
|
||
|
558E000
|
trusted library allocation
|
page read and write
|
||
|
C7E000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
trusted library section
|
page read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
A73F000
|
stack
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
4195000
|
trusted library allocation
|
page read and write
|
||
|
60AF000
|
heap
|
page read and write
|
||
|
4D0E000
|
trusted library allocation
|
page read and write
|
||
|
28AF000
|
trusted library allocation
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
13A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
124E000
|
stack
|
page read and write
|
||
|
290A000
|
trusted library allocation
|
page read and write
|
||
|
4CFE000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
27D0000
|
trusted library allocation
|
page read and write
|
||
|
6A6E000
|
stack
|
page read and write
|
||
|
4CFB000
|
trusted library allocation
|
page read and write
|
||
|
2906000
|
trusted library allocation
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page read and write
|
||
|
C2E000
|
stack
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
6050000
|
heap
|
page read and write
|
||
|
172E000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
38A4000
|
trusted library allocation
|
page read and write
|
||
|
138D000
|
trusted library allocation
|
page execute and read and write
|
||
|
780E000
|
stack
|
page read and write
|
||
|
A3C000
|
trusted library allocation
|
page read and write
|
||
|
27E4000
|
trusted library allocation
|
page read and write
|
||
|
290E000
|
trusted library allocation
|
page read and write
|
||
|
3839000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
heap
|
page read and write
|
There are 272 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://ogs.google.com/widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en
|