IOC Report
ltIcQWMDj9.dll

Processes

Path | Cmdline | Malicious
C:\Windows\System32\loaddll32.exe | loaddll32.exe "C:\Users\user\Desktop\ltIcQWMDj9.dll" |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
C:\Windows\SysWOW64\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\ltIcQWMDj9.dll",#1 |
C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\ltIcQWMDj9.dll",#1 |

Memdumps
