IOC Report
Payload.exe

Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| Payload.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | malicious |
| C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Payload.exe.log | CSV text | dropped | malicious |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Payload.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | malicious |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Payload.exe:Zone.Identifier | ASCII text, with CRLF line terminators | modified | malicious |

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\Payload.exe | "C:\Users\user\Desktop\Payload.exe" | malicious |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Payload.exe | "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Payload.exe" | malicious |

Memdumps
