Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DNXS-04-22.exe
|
"C:\Users\user\Desktop\DNXS-04-22.exe"
|
 |
|
|
C:\Users\user\Desktop\DNXS-04-22.exe
|
"C:\Users\user\Desktop\DNXS-04-22.exe"
|
|
|
|
C:\Users\user\Desktop\DNXS-04-22.exe
|
"C:\Users\user\Desktop\DNXS-04-22.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://checkip.dyndns.org/
|
193.122.130.0
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://scratchdreams.tk
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/191.96.150.225
|
104.21.67.152
|
||
|
https://scratchdreams.tk/_send_.php?TS
|
104.21.27.85
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsdAProNaturBio.Properties.Resources
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://scratchdreams.tk
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/191.96.150.225$
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
checkip.dyndns.org
|
unknown
|
|
|
|
reallyfreegeoip.org
|
104.21.67.152
|
||
|
scratchdreams.tk
|
104.21.27.85
|
||
|
checkip.dyndns.com
|
193.122.130.0
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.67.152
|
reallyfreegeoip.org
|
United States
|
||
|
193.122.130.0
|
checkip.dyndns.com
|
United States
|
||
|
104.21.27.85
|
scratchdreams.tk
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DNXS-04-22_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7570000
|
trusted library section
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3357000
|
trusted library allocation
|
page read and write
|
|
|
|
2A61000
|
trusted library allocation
|
page read and write
|
|
|
|
403E000
|
trusted library allocation
|
page read and write
|
|
|
|
2B0B000
|
trusted library allocation
|
page read and write
|
||
|
2B63000
|
trusted library allocation
|
page read and write
|
||
|
2B19000
|
trusted library allocation
|
page read and write
|
||
|
52E5000
|
trusted library allocation
|
page read and write
|
||
|
4FDA000
|
trusted library allocation
|
page read and write
|
||
|
2880000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
10EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DEF000
|
stack
|
page read and write
|
||
|
2BBB000
|
trusted library allocation
|
page read and write
|
||
|
2C49000
|
trusted library allocation
|
page read and write
|
||
|
5F77000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
2BB7000
|
trusted library allocation
|
page read and write
|
||
|
CD5000
|
heap
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
4FED000
|
trusted library allocation
|
page read and write
|
||
|
3AE5000
|
trusted library allocation
|
page read and write
|
||
|
4FDE000
|
trusted library allocation
|
page read and write
|
||
|
E41000
|
heap
|
page read and write
|
||
|
2C4C000
|
stack
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
A8E0000
|
heap
|
page read and write
|
||
|
2C10000
|
trusted library allocation
|
page read and write
|
||
|
1088000
|
heap
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
7450000
|
heap
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page read and write
|
||
|
9259000
|
trusted library allocation
|
page read and write
|
||
|
2C0E000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
7FE0000
|
heap
|
page read and write
|
||
|
4FF2000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
trusted library allocation
|
page read and write
|
||
|
675E000
|
stack
|
page read and write
|
||
|
E06000
|
heap
|
page read and write
|
||
|
10CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7590000
|
trusted library allocation
|
page execute and read and write
|
||
|
CF7000
|
trusted library allocation
|
page read and write
|
||
|
52BE000
|
trusted library allocation
|
page read and write
|
||
|
6204000
|
heap
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
2C2D000
|
trusted library allocation
|
page read and write
|
||
|
7FFF000
|
heap
|
page read and write
|
||
|
2BA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EB7000
|
trusted library allocation
|
page read and write
|
||
|
4FCB000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
2BAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB3000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
5E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
3A61000
|
trusted library allocation
|
page read and write
|
||
|
2BAB000
|
trusted library allocation
|
page read and write
|
||
|
2CB7000
|
trusted library allocation
|
page read and write
|
||
|
2C1F000
|
trusted library allocation
|
page read and write
|
||
|
12FF000
|
stack
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
4F5D000
|
stack
|
page read and write
|
||
|
2CF7000
|
trusted library allocation
|
page read and write
|
||
|
645E000
|
stack
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
8C2000
|
unkown
|
page readonly
|
||
|
2D3A000
|
trusted library allocation
|
page read and write
|
||
|
2CAC000
|
trusted library allocation
|
page read and write
|
||
|
7F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
821F000
|
stack
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
125D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A89000
|
trusted library allocation
|
page read and write
|
||
|
E3F000
|
heap
|
page read and write
|
||
|
10D3000
|
trusted library allocation
|
page read and write
|
||
|
28E4000
|
trusted library allocation
|
page read and write
|
||
|
4FC6000
|
trusted library allocation
|
page read and write
|
||
|
7B52000
|
trusted library allocation
|
page read and write
|
||
|
61A0000
|
heap
|
page read and write
|
||
|
2897000
|
trusted library allocation
|
page execute and read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
4FF5000
|
trusted library allocation
|
page read and write
|
||
|
2B9B000
|
trusted library allocation
|
page read and write
|
||
|
2BC8000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
heap
|
page execute and read and write
|
||
|
2B26000
|
trusted library allocation
|
page read and write
|
||
|
60CD000
|
stack
|
page read and write
|
||
|
28F0000
|
heap
|
page execute and read and write
|
||
|
E0A000
|
heap
|
page read and write
|
||
|
3AFA000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
trusted library allocation
|
page read and write
|
||
|
61A5000
|
heap
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
103E000
|
stack
|
page read and write
|
||
|
2CCA000
|
trusted library allocation
|
page read and write
|
||
|
D1B000
|
trusted library allocation
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
561F000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
2882000
|
trusted library allocation
|
page read and write
|
||
|
2B67000
|
trusted library allocation
|
page read and write
|
||
|
956000
|
unkown
|
page readonly
|
||
|
FAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
EAB000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
7560000
|
trusted library section
|
page read and write
|
||
|
10B0000
|
trusted library allocation
|
page read and write
|
||
|
E04000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
63DE000
|
stack
|
page read and write
|
||
|
62DE000
|
stack
|
page read and write
|
||
|
D37000
|
stack
|
page read and write
|
||
|
2CFD000
|
trusted library allocation
|
page read and write
|
||
|
DEE000
|
stack
|
page read and write
|
||
|
CFC000
|
trusted library allocation
|
page read and write
|
||
|
2B28000
|
trusted library allocation
|
page read and write
|
||
|
8009000
|
heap
|
page read and write
|
||
|
288A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C4000
|
trusted library allocation
|
page read and write
|
||
|
2895000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D09000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
79BE000
|
stack
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
CF9000
|
trusted library allocation
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
2EE5000
|
trusted library allocation
|
page read and write
|
||
|
3F05000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
5FCB000
|
stack
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
2E61000
|
trusted library allocation
|
page read and write
|
||
|
4FE6000
|
trusted library allocation
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
5E3F000
|
stack
|
page read and write
|
||
|
6190000
|
heap
|
page read and write
|
||
|
52C6000
|
trusted library allocation
|
page read and write
|
||
|
2BA7000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
54EE000
|
stack
|
page read and write
|
||
|
10E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7830000
|
trusted library section
|
page read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
5C1E000
|
stack
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
2D03000
|
trusted library allocation
|
page read and write
|
||
|
78B0000
|
trusted library allocation
|
page read and write
|
||
|
C3A000
|
stack
|
page read and write
|
||
|
4C3D000
|
stack
|
page read and write
|
||
|
2B6B000
|
trusted library allocation
|
page read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
2C0D000
|
trusted library allocation
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
5360000
|
trusted library section
|
page read and write
|
||
|
2CB1000
|
trusted library allocation
|
page read and write
|
||
|
289B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F70000
|
trusted library allocation
|
page read and write
|
||
|
4B3D000
|
stack
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
6170000
|
heap
|
page read and write
|
||
|
10C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FCE000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
52CD000
|
trusted library allocation
|
page read and write
|
||
|
E30000
|
trusted library allocation
|
page execute and read and write
|
||
|
6770000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BE3000
|
trusted library allocation
|
page read and write
|
||
|
2CCF000
|
trusted library allocation
|
page read and write
|
||
|
E5E000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
trusted library allocation
|
page read and write
|
||
|
2CD3000
|
trusted library allocation
|
page read and write
|
||
|
7F40000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
2886000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D43000
|
heap
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
4F90000
|
heap
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2B1C000
|
trusted library allocation
|
page read and write
|
||
|
2B5F000
|
trusted library allocation
|
page read and write
|
||
|
3F53000
|
trusted library allocation
|
page read and write
|
||
|
78A0000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page execute and read and write
|
||
|
A59000
|
stack
|
page read and write
|
||
|
4FE1000
|
trusted library allocation
|
page read and write
|
||
|
60D0000
|
trusted library section
|
page readonly
|
||
|
3AEE000
|
trusted library allocation
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
52D2000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
2D10000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
5E70000
|
heap
|
page read and write
|
||
|
7280000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page execute and read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
6160000
|
heap
|
page read and write
|
||
|
811E000
|
stack
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
61B4000
|
heap
|
page read and write
|
||
|
67BE000
|
stack
|
page read and write
|
||
|
2CC1000
|
trusted library allocation
|
page read and write
|
||
|
620A000
|
heap
|
page read and write
|
||
|
52C1000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
2B9F000
|
trusted library allocation
|
page read and write
|
||
|
2BAF000
|
trusted library allocation
|
page read and write
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
740E000
|
stack
|
page read and write
|
||
|
7FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B57000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
D3E000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
FA4000
|
trusted library allocation
|
page read and write
|
||
|
2B08000
|
trusted library allocation
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
10DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B54000
|
trusted library allocation
|
page read and write
|
||
|
2BA2000
|
trusted library allocation
|
page read and write
|
||
|
DB6000
|
heap
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
D57000
|
heap
|
page read and write
|
||
|
D28000
|
heap
|
page read and write
|
||
|
2BA3000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
trusted library allocation
|
page read and write
|
||
|
6CE0000
|
heap
|
page read and write
|
||
|
8220000
|
trusted library section
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
6180000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
7F50000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
2892000
|
trusted library allocation
|
page read and write
|
||
|
3E61000
|
trusted library allocation
|
page read and write
|
||
|
78B6000
|
trusted library allocation
|
page read and write
|
||
|
FFF000
|
stack
|
page read and write
|
||
|
6175000
|
heap
|
page read and write
|
||
|
659E000
|
stack
|
page read and write
|
||
|
EA0000
|
trusted library allocation
|
page read and write
|
||
|
FA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3ACA000
|
trusted library allocation
|
page read and write
|
||
|
2BD6000
|
trusted library allocation
|
page read and write
|
||
|
4FB3000
|
heap
|
page read and write
|
||
|
5E40000
|
trusted library allocation
|
page read and write
|
||
|
10E2000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
AADE000
|
stack
|
page read and write
|
There are 277 hidden memdumps, click here to show them.