API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 22nd, 2020
156
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.52 KB | None | 0 0
raw download clone embed print report
  1. Network Communication
  2. HTTP Requests
  3. http://ip-api.com/json/
  4. DNS Resolutions
  5. ip-api.com
  6. IP Traffic
  7. 208.95.112.1:80 (TCP)
  8. 208.95.112.1:80 (TCP)
  9. File System Actions
  10. Files Opened
  11. C:\Windows\SYSTEM32\MSCOREE.DLL.local
  12. C:\Windows\Microsoft.NET\Framework\v4.0.30319\
  13. C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
  14. C:\Windows\Microsoft.NET\Framework\
  15. C:\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll
  16. C:\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll
  17. C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
  18. C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
  19. C:\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll
  20. C:\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll
  21. Files Deleted
  22. C:\Users\<USER>\Downloads\7f22fd2ad7bd09243e68766ee5fb8c8e.virus.exe:Zone.Identifier
  23. C:\Users\<USER>\AppData\Roaming\Java\svchost.exe:Zone.Identifier
  24. Files Copied
  25. C:\Users\<USER>\Downloads\7f22fd2ad7bd09243e68766ee5fb8c8e.virus.exe
  26. Registry Actions
  27. Registry Keys Opened
  28. HKLM\Software\Microsoft\.NETFramework\Policy
  29. HKLM\Software\Microsoft\.NETFramework\Policy\v4.0
  30. HKLM\Software\Microsoft\.NETFramework
  31. HKLM\Software\Microsoft\.NETFramework\InstallRoot
  32. HKLM\Software\Microsoft\.NETFramework\CLRLoadLogDir
  33. HKLM\Software\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue
  34. HKLM\Software\Microsoft\.NETFramework\OnlyUseLatestCLR
  35. HKCU\Software\Microsoft\.NETFramework\Policy\Standards
  36. HKLM\Software\Microsoft\.NETFramework\Policy\Standards\v4.0.30319
  37. HKLM\SOFTWARE\Microsoft\Fusion
  38. Registry Keys Set
  39. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Java Updater
  40. Process And Service Actions
  41. Processes Terminated
  42. schtasks /create /tn Java Updater /sc ONLOGON /tr C:\Users\<USER>\Downloads\7f22fd2ad7bd09243e68766ee5fb8c8e.virus.exe /rl HIGHEST /f
  43. Processes Tree
  44. 2748 - 7f22fd2ad7bd09243e68766ee5fb8c8e.virus.exe
  45. 348 - C:\Users\<USER>\AppData\Roaming\Java\svchost.exe
  46. 2752 - schtasks /create /tn Java Updater /sc ONLOGON /tr C:\Users\<USER>\Downloads\7f22fd2ad7bd09243e68766ee5fb8c8e.virus.exe /rl HIGHEST /f
  47. Synchronization Mechanisms & Signals
  48. Mutexes Created
  49. QSR_MUTEX_Puy5Aj9DT5VCcZAMPh
  50. Modules Loaded
  51. Runtime Modules
  52. api-ms-win-core-synch-l1-2-0
  53. kernel32
  54. api-ms-win-core-fibers-l1-1-1
  55. api-ms-win-core-localization-l1-2-1
  56. ADVAPI32.dll
  57. C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
  58. SHLWAPI.dll
  59. api-ms-win-appmodel-runtime-l1-1-2.dll
  60. api-ms-win-appmodel-runtime-l1-1-0.dll
  61. VERSION.dll
  62. Highlighted Actions
  63. Calls Highlighted
  64. IsDebuggerPresent
  65. Highlighted Text
  66. C:\Windows\system32\cmd.exe
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!