IOC Report
83WMUEr268.dll


Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Windows\System32\loaddll32.exe | loaddll32.exe "C:\Users\user\Desktop\83WMUEr268.dll" | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\SysWOW64\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\83WMUEr268.dll",#1 | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\83WMUEr268.dll",#1 | |

Memdumps

Columns: Base Address, Regiontype, Protect, Malicious