Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\J5kltefeTK.exe
|
"C:\Users\user\Desktop\J5kltefeTK.exe"
|
 |
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://checkcloudnet.com/check/connection7
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://checkcloudnet.com/check/connection
|
104.21.30.238
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
https://checkcloudnet.com/
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
checkcloudnet.com
|
104.21.30.238
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.30.238
|
checkcloudnet.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349
|
Blob
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A8500DD000
|
heap
|
page read and write
|
|
|
|
2A850111000
|
heap
|
page read and write
|
|
|
|
2A85010F000
|
heap
|
page read and write
|
|
|
|
2A850751000
|
heap
|
page read and write
|
|
|
|
2A850139000
|
heap
|
page read and write
|
|
|
|
2A85011F000
|
heap
|
page read and write
|
|
|
|
7FF720B41000
|
unkown
|
page execute read
|
|
|
|
2A8502E1000
|
heap
|
page read and write
|
|
|
|
2A8502E1000
|
heap
|
page read and write
|
|
|
|
7FF720B41000
|
unkown
|
page execute read
|
|
|
|
7FF720B40000
|
unkown
|
page readonly
|
||
|
2A85010B000
|
heap
|
page read and write
|
||
|
2A850290000
|
heap
|
page read and write
|
||
|
2A8500C0000
|
heap
|
page read and write
|
||
|
2A850181000
|
heap
|
page read and write
|
||
|
7FF720BCE000
|
unkown
|
page readonly
|
||
|
2A8521B0000
|
remote allocation
|
page read and write
|
||
|
DE00AFE000
|
stack
|
page read and write
|
||
|
2A850146000
|
heap
|
page read and write
|
||
|
2A8502FC000
|
heap
|
page read and write
|
||
|
2A8507BE000
|
heap
|
page read and write
|
||
|
2A8507F3000
|
heap
|
page read and write
|
||
|
2A850347000
|
heap
|
page read and write
|
||
|
2A85012F000
|
heap
|
page read and write
|
||
|
2A8502EC000
|
heap
|
page read and write
|
||
|
7FF720B84000
|
unkown
|
page readonly
|
||
|
7FF720BC4000
|
unkown
|
page readonly
|
||
|
2A85013F000
|
heap
|
page read and write
|
||
|
2A85035E000
|
heap
|
page read and write
|
||
|
2A85017A000
|
heap
|
page read and write
|
||
|
2A8502E0000
|
heap
|
page read and write
|
||
|
2A85010B000
|
heap
|
page read and write
|
||
|
7FF720BB3000
|
unkown
|
page readonly
|
||
|
2A85013A000
|
heap
|
page read and write
|
||
|
DE00BFF000
|
stack
|
page read and write
|
||
|
DE00CFE000
|
stack
|
page read and write
|
||
|
2A850400000
|
heap
|
page read and write
|
||
|
2A85014C000
|
heap
|
page read and write
|
||
|
2A8507B2000
|
heap
|
page read and write
|
||
|
2A8507B7000
|
heap
|
page read and write
|
||
|
7FF720BAC000
|
unkown
|
page readonly
|
||
|
2A8500FE000
|
heap
|
page read and write
|
||
|
2A85016C000
|
heap
|
page read and write
|
||
|
DE007FE000
|
stack
|
page read and write
|
||
|
2A85034E000
|
heap
|
page read and write
|
||
|
2A8500FE000
|
heap
|
page read and write
|
||
|
7FF720BE8000
|
unkown
|
page readonly
|
||
|
2A850405000
|
heap
|
page read and write
|
||
|
2A8521B0000
|
remote allocation
|
page read and write
|
||
|
2A8507D8000
|
heap
|
page read and write
|
||
|
2A850750000
|
heap
|
page read and write
|
||
|
2A8502E9000
|
heap
|
page read and write
|
||
|
7FF720B40000
|
unkown
|
page readonly
|
||
|
7FF720BAC000
|
unkown
|
page readonly
|
||
|
2A8500A8000
|
heap
|
page read and write
|
||
|
DE009FF000
|
stack
|
page read and write
|
||
|
2A8502FB000
|
heap
|
page read and write
|
||
|
2A8501B0000
|
heap
|
page read and write
|
||
|
7FF720BB3000
|
unkown
|
page readonly
|
||
|
DE006F6000
|
stack
|
page read and write
|
||
|
7FF720B9B000
|
unkown
|
page readonly
|
||
|
7FF720B97000
|
unkown
|
page read and write
|
||
|
7FF720BE8000
|
unkown
|
page readonly
|
||
|
2A850156000
|
heap
|
page read and write
|
||
|
2A85014A000
|
heap
|
page read and write
|
||
|
DE00DFD000
|
stack
|
page read and write
|
||
|
7FF720BB8000
|
unkown
|
page readonly
|
||
|
7FF720B84000
|
unkown
|
page readonly
|
||
|
7FF720BC4000
|
unkown
|
page readonly
|
||
|
7FF720B97000
|
unkown
|
page write copy
|
||
|
2A8502FE000
|
heap
|
page read and write
|
||
|
7FF720BB8000
|
unkown
|
page readonly
|
||
|
7FF720BA7000
|
unkown
|
page readonly
|
||
|
2A850103000
|
heap
|
page read and write
|
||
|
2A8502B0000
|
heap
|
page read and write
|
||
|
2A850150000
|
heap
|
page read and write
|
||
|
2A850120000
|
heap
|
page read and write
|
||
|
DE00FFB000
|
stack
|
page read and write
|
||
|
2A8507C2000
|
heap
|
page read and write
|
||
|
DE00EFF000
|
stack
|
page read and write
|
||
|
2A8500A0000
|
heap
|
page read and write
|
||
|
2A8521B0000
|
remote allocation
|
page read and write
|
||
|
2A85016C000
|
heap
|
page read and write
|
||
|
2A850352000
|
heap
|
page read and write
|
||
|
7FF720B9B000
|
unkown
|
page readonly
|
||
|
7FF720BCE000
|
unkown
|
page readonly
|
||
|
2A85014F000
|
heap
|
page read and write
|
||
|
7FF720BA7000
|
unkown
|
page readonly
|
||
|
2A850181000
|
heap
|
page read and write
|
||
|
2A8507CE000
|
heap
|
page read and write
|
||
|
DE008FE000
|
stack
|
page read and write
|
||
|
2A850342000
|
heap
|
page read and write
|
There are 82 hidden memdumps, click here to show them.