IOC Report
Minutes_of_15th_Session_of_PSC.pdf.exe


Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\Minutes_of_15th_Session_of_PSC.pdf.exe | "C:\Users\user\Desktop\Minutes_of_15th_Session_of_PSC.pdf.exe" | malicious |
| C:\Users\user\Desktop\Minutes_of_15th_Session_of_PSC.pdf.exe | C:\Users\user\Desktop\Minutes_of_15th_Session_of_PSC.pdf | malicious |
| C:\Windows\SysWOW64\cmd.exe | "cmd.exe" /c C:\Users\user\Desktop\Minutes_of_15th_Session_of_PSC.pdf | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\SysWOW64\cmd.exe | "cmd.exe" /c C:\Users\user\Desktop\Minutes_of_15th_Session_of_PSC | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| https://oraclewebonline.com/log.php | unknown | |
| https://oraclewebonline.com/log.php?computername=715575&username=usert | unknown | |
| http://oraclewebonline.com | unknown | |
| https://oraclewebonline.com | unknown | |
| http://oraclewebonline.comd | unknown | |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | unknown | |
| https://oraclewebonline.com/log.php?computername=715575&username=user | 188.241.39.200 | |
| https://oraclewebonline.comD | unknown | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| bg.microsoft.map.fastly.net | 199.232.210.172 | |
| oraclewebonline.com | 188.241.39.200 | |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 188.241.39.200 | oraclewebonline.com | Belize | |

Registry

| Path | Value | Malicious |
| --- | --- | --- |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASAPI32 | EnableFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASAPI32 | EnableAutoFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASAPI32 | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASAPI32 | FileTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASAPI32 | ConsoleTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASAPI32 | MaxFileSize | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASAPI32 | FileDirectory | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASMANCS | EnableFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASMANCS | EnableAutoFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASMANCS | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASMANCS | FileTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASMANCS | ConsoleTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASMANCS | MaxFileSize | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Minutes_of_15th_Session_of_PSC_RASMANCS | FileDirectory | |

Memdumps
