IOC Report
file.exe


Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\file.exe | "C:\Users\user\Desktop\file.exe" | malicious |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://185.215.113.206/c4becf79229cb002.php | 185.215.113.206 | |
| http://185.215.113.206/c4becf79229cb002.phpj | unknown | |
| http://185.215.113.206/c4becf79229cb002.php/ | unknown | |
| http://185.215.113.206/ | 185.215.113.206 | |
| http://185.215.113.206 | unknown | |
| http://185.215.113.206/c4becf79229cb002.phpf | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 185.215.113.206 | unknown | Portugal | malicious |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
|---|---|---|---|
| 13DE000 | heap | page read and write | malicious |
| 121000 | unknown | page execute and read and write | malicious |
| 52A0000 | direct allocation | page read and write | malicious |