IOC Report
1647275689_4782.jpg

Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| 1647275689_4782.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 338x319, components 3 | initial sample | |
| C:\Windows\debug\WIA\wiatrace.log | ASCII text, with CRLF, LF line terminators | dropped | |

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Windows\SysWOW64\mspaint.exe | mspaint.exe "C:\Users\user\Desktop\1647275689_4782.jpg" | |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| http://www.w3.or | unknown | |

Registry

| Path | Value | Malicious |
| --- | --- | --- |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached | {A38B883C-1682-497E-97B0-0A3A9E801682} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF | |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
| --- | --- | --- | --- |