IOC Report
SoftwareAGUpdateManagerInstaller20231121-11-LinuxX86.bin

Processes

Path | Cmdline | Malicious
C:\Windows\System32\OpenWith.exe | C:\Windows\system32\OpenWith.exe -Embedding |

URLs

Name | IP | Malicious
https://itrac.eur.ad.sag/browse/SUM-5400 | unknown |
http://documentation.softwareag.com/legal/general_license.txt | unknown |

Registry

Path | Value | Malicious
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\mspaint.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\mspaint.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany |

Memdumps

Base Address
Regiontype
Protect
Malicious