IOC Report
parcel-label_photo.lnk

Processes

Path | Cmdline | Malicious
C:\Windows\System32\wscript.exe | "C:\Windows\System32\WScript.exe" "D:\logo\eReceipt.vbs" |

Memdumps
