IOCReport


Processes (each entry below spans three lines: path, command line, verdict)

Path
Cmdline
Malicious
C:\Windows\System32\loaddll32.exe
loaddll32.exe 'C:\Users\user\Desktop\gg_1.gif.dll'
malicious
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\user\Desktop\gg_1.gif.dll,DllServer
malicious
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe 'C:\Users\user\Desktop\gg_1.gif.dll',#1
malicious
C:\Windows\SysWOW64\cmd.exe
cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\gg_1.gif.dll',#1
clean

Memdumps (each entry below spans four lines: base address, region type, protection, verdict)

Base Address
Regiontype
Protect
Malicious
4D40000
unkown
page read and write
malicious
4560000
unkown
page read and write
malicious
3020000
unkown
page read and write
malicious
29B66540000
unkown
page readonly
clean
24210C70000
unkown
page read and write
clean
18AB6610000
unkown
page read and write
clean
18AB6210000
unkown
page read and write
clean
13C0000
unkown
page read and write
clean
7FF552BAF000
unkown
page readonly
clean
29B664D0000
heap private
page read and write
clean
29987C90000
heap default
page read and write
clean
7FF50E98F000
unkown
page readonly
clean
21B9466D000
unkown
page read and write
clean
7FF552C3E000
unkown
page readonly
clean
34D0000
unkown
page read and write
clean
1D43077C000
unkown
page read and write
clean
18AB393C000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
7FF59D7B0000
unkown
page readonly
clean
3000000
heap private
page read and write
clean
13C0000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
7FF4F965B000
unkown
page readonly
clean
34D0000
unkown
page read and write
clean
7FF512F7E000
unkown
page readonly
clean
34D0000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
13C0000
unkown
page read and write
clean
332F000
unkown
page read and write
clean
7FF4F3EA3000
unkown
page readonly
clean
3301000
unkown
page read and write
clean
46D0000
unkown
page read and write
clean
7FF59D804000
unkown
page readonly
clean
13C0000
unkown
page read and write
clean
1D4300D5000
unkown
page read and write
clean
29B6467D000
unkown
page read and write
clean
1D430102000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
29987E55000
unkown
page read and write
clean
23288F00000
unkown
page readonly
clean
7FF4F40EA000
unkown
page readonly
clean
32C0000
heap default
page read and write
clean
29B64800000
unkown
page readonly
clean
34D0000
unkown
page read and write
clean
299897A0000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
7FF552431000
unkown
page readonly
clean
990F97E000
unkown
page read and write
clean
7FF5E1342000
unkown
page readonly
clean
7FF5182DC000
unkown
page readonly
clean
7FF4F4054000
unkown
page readonly
clean
13C0000
unkown
page read and write
clean
13C0000
unkown
page read and write
clean
1D4300E2000
unkown
page read and write
clean
7FF5D4AB8000
unkown
page readonly
clean
13C0000
unkown
page read and write
clean
7FF532A67000
unkown
page readonly
clean
29B66602000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
2A60000
unkown
page readonly
clean
18AB597D000
unkown
page read and write
clean
2C4B000
unkown
page readonly
clean
18AB5D42000
unkown
page read and write
clean
13C0000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
10001000
unkown image
page execute and read and write
clean
21B9466F000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
34D0000
unkown
page read and write
clean
46D0000
unkown
page read and write
clean
13C0000
unkown
page read and write
clean