IOCReport

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\SOCAR Petroleum S.A Romania ordin urgent nr. 21199.exe | 'C:\Users\user\Desktop\SOCAR Petroleum S.A Romania ordin urgent nr. 21199.exe' | malicious |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| https://andreameixueiro.com/karin_entmCGmZw1b;z | | malicious |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
| --- | --- | --- | --- |
| 401000 | unknown image | page execute read | malicious |
| 401000 | unknown image | page execute read | malicious |