IOC Report
4iDSIZ8MhI.exe

Files

File Path                                       Type                                                                  Category        Malicious
4iDSIZ8MhI.exe                                  PE32 executable (GUI) Intel 80386, for MS Windows                     initial sample  malicious
C:\Users\user\AppData\Local\Temp\autE651.tmp    data                                                                  dropped
C:\Users\user\AppData\Local\Temp\autE681.tmp    data                                                                  dropped
C:\Users\user\AppData\Local\Temp\leucoryx       ASCII text, with very long lines (65536), with no line terminators    modified
C:\Users\user\AppData\Local\Temp\scroll         data                                                                  dropped

Processes

Path                                    Cmdline                                   Malicious
C:\Users\user\Desktop\4iDSIZ8MhI.exe    "C:\Users\user\Desktop\4iDSIZ8MhI.exe"    malicious
C:\Windows\SysWOW64\svchost.exe         "C:\Users\user\Desktop\4iDSIZ8MhI.exe"    malicious

Memdumps

Base Address   Region type         Protect                           Malicious
400000         system              page execute and read and write   malicious
3750000        direct allocation   page read and write               malicious
3013000        heap                page read and write
3013000        heap                page read and write
3F10000        direct allocation   page read and write
3013000        heap                page read and write
3AC000         unknown             page read and write
4039000        direct allocation   page read and write
138F000        heap                page read and write
3D70000        direct allocation   page read and write
14CC000        heap                page read and write
37C000         unknown             page readonly
3790000        direct allocation   page read and write
408D000        direct allocation   page read and write
4089000        direct allocation   page read and write
3217000        heap                page read and write
3A29000        direct allocation   page execute and read and write
3990000        direct allocation   page execute and read and write
382D000        heap                page read and write
3013000        heap                page read and write
4039000        direct allocation   page read and write
3013000        heap                page read and write
E39000         stack               page read and write
3013000        heap                page read and write
1458000        heap                page read and write
2D4C000        stack               page read and write
3013000        heap                page read and write
3013000        heap                page read and write
374F000        stack               page read and write
3BD1000        direct allocation   page execute and read and write
14C6000        heap                page read and write
3013000        heap                page read and write
3EE3000        direct allocation   page read and write
13F5000        heap                page read and write
4089000        direct allocation   page read and write
148F000        heap                page read and write
3301000        heap                page read and write
201F000        stack               page read and write
3013000        heap                page read and write
3013000        heap                page read and write
39D0000        heap                page read and write
34D0000        direct allocation   page read and write
13F2000        heap                page read and write
1270000        heap                page read and write
408D000        direct allocation   page read and write
3013000        heap                page read and write
2D0D000        stack               page read and write
2D80000        heap                page read and write
403D000        direct allocation   page read and write
40AE000        direct allocation   page read and write
3790000        direct allocation   page read and write
3790000        direct allocation   page read and write
3A2D000        direct allocation   page execute and read and write
13F6000        heap                page read and write
12BE000        stack               page read and write
40AE000        direct allocation   page read and write
2E0000         unknown             page readonly
3013000        heap                page read and write
1C1E000        stack               page read and write
13F6000        heap                page read and write
2DA0000        heap                page read and write
3013000        heap                page read and write
3D70000        direct allocation   page read and write
3700000        heap                page read and write
3E93000        direct allocation   page read and write
3500000        heap                page read and write
3D20000        direct allocation   page read and write
13F2000        heap                page read and write
3013000        heap                page read and write
40AE000        direct allocation   page read and write
3790000        direct allocation   page read and write
130E000        stack               page read and write
123F000        stack               page read and write
389E000        heap                page read and write
149C000        heap                page read and write
2E0000         unknown             page readonly
138F000        heap                page read and write
3013000        heap                page read and write
403D000        direct allocation   page read and write
3013000        heap                page read and write
1358000        heap                page read and write
13F2000        heap                page read and write
3B0000         unknown             page write copy
3623000        heap                page read and write
3013000        heap                page read and write
3217000        heap                page read and write
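Two findings are worth pulling out of the Processes and Memdumps tables above: a process whose command line names a different executable than its image path (the svchost.exe entry runs with the sample's own command line, the pattern commonly left by process hollowing / RunPE-style injection; an inference from the table, not a statement the report makes), and memory regions that are executable and writable at the same time (the region at 400000, the default image base of a non-relocated 32-bit PE, plus four direct allocations). The script below is an added example and not part of the sandbox report: it rebuilds rows from the one-cell-per-line layout the report uses, taking a bare hexadecimal line as the start of a row, and applies both checks. The process rows and the memdump excerpt are constructed from the tables above; the "first quoted token is the image" rule for command lines and the "execute plus write" heuristic are assumptions of the example.

```python
"""Triage checks for a flattened sandbox IOC report (added example)."""
import re
from dataclasses import dataclass
from typing import List, Tuple

# Processes table from the report above: (image path, command line).
PROCESSES: List[Tuple[str, str]] = [
    (r"C:\Users\user\Desktop\4iDSIZ8MhI.exe", r'"C:\Users\user\Desktop\4iDSIZ8MhI.exe"'),
    (r"C:\Windows\SysWOW64\svchost.exe", r'"C:\Users\user\Desktop\4iDSIZ8MhI.exe"'),
]

# Constructed excerpt of the Memdumps listing in the one-cell-per-line form
# the report uses (values copied from the table above).
MEMDUMPS_TEXT = """\
400000
system
page execute and read and write
malicious
3750000
direct allocation
page read and write
malicious
3013000
heap
page read and write
3AC000
unknown
page read and write
37C000
unknown
page readonly
3A29000
direct allocation
page execute and read and write
3B0000
unknown
page write copy
"""

# Default image base of a non-relocated 32-bit PE (assumption used only to
# label the 400000 region; the report itself types it as "system").
DEFAULT_IMAGE_BASE = 0x400000

@dataclass
class Region:
    base: int
    region_type: str
    protect: str
    malicious: bool

_HEX_LINE = re.compile(r"^[0-9A-Fa-f]+$")

def parse_memdumps(text: str) -> List[Region]:
    """Rebuild rows: a bare hex line starts a row (base address), followed by
    region type, protection string and an optional trailing 'malicious'."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    rows: List[Region] = []
    i = 0
    while i < len(lines):
        if not _HEX_LINE.match(lines[i]):
            raise ValueError(f"expected a base address at entry {i}: {lines[i]!r}")
        if i + 2 >= len(lines):
            raise ValueError("truncated row at end of listing")
        base, rtype, prot = lines[i], lines[i + 1], lines[i + 2]
        flagged = i + 3 < len(lines) and lines[i + 3].lower() == "malicious"
        rows.append(Region(int(base, 16), rtype, prot, flagged))
        i += 4 if flagged else 3
    return rows

def find_rwx_regions(regions: List[Region]) -> List[Region]:
    """Regions executable and writable at once. A cleanly loaded PE never
    needs this: RWX at the image base means the image was rewritten in place,
    RWX direct allocations are where unpacked or injected code lands."""
    return [r for r in regions if "execute" in r.protect and "write" in r.protect]

def image_from_cmdline(cmdline: str) -> str:
    """First argv element of a Windows command line, quoted or bare."""
    cmdline = cmdline.strip()
    if cmdline.startswith('"'):
        end = cmdline.find('"', 1)
        return cmdline[1:] if end < 0 else cmdline[1:end]
    return cmdline.split(" ", 1)[0]

def find_cmdline_mismatches(processes: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Processes whose command line names a different executable than the
    mapped image: in the report svchost.exe carries the sample's own command
    line, the footprint of process hollowing / RunPE-style injection."""
    return [(image, cmdline) for image, cmdline in processes
            if image_from_cmdline(cmdline).lower() != image.lower()]

if __name__ == "__main__":
    for image, cmdline in find_cmdline_mismatches(PROCESSES):
        print(f"image/cmdline mismatch: {image} started as {cmdline}")
    for r in find_rwx_regions(parse_memdumps(MEMDUMPS_TEXT)):
        tag = " at default image base" if r.base == DEFAULT_IMAGE_BASE else ""
        print(f"RWX region {r.base:X} [{r.region_type}]{tag}")
```

Run against the full Memdumps table the RWX check returns the 400000 system region and the four execute-and-write direct allocations; the remaining read-and-write heap, stack and direct-allocation rows are what a packer's working set normally looks like and are not flagged on their own.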