IOC Report
file.exe


Processes

Path                            Cmdline                           Malicious
C:\Users\user\Desktop\file.exe  "C:\Users\user\Desktop\file.exe"  malicious

URLs

Name                                                      IP              Malicious
http://185.215.113.37/e2b1563c6670f193.php=               unknown         malicious
http://185.215.113.37/                                    185.215.113.37  malicious
http://185.215.113.37/e2b1563c6670f193.phpk               unknown         malicious
http://185.215.113.37                                     unknown         malicious
http://185.215.113.37/e2b1563c6670f193.php?               unknown         malicious
http://185.215.113.37/(                                   unknown         malicious
http://185.215.113.37/i                                   unknown         malicious
http://185.215.113.37/e2b1563c6670f193.php                185.215.113.37  malicious
http://185.215.113.37/ws                                  unknown         malicious
http://185.215.113.37/e2b1563c6670f193.phpa-7368302a1ad4  unknown         malicious

IPs

IP              Domain   Country   Malicious
185.215.113.37  unknown  Portugal  malicious

Memdumps
