IOCReport

loading gif

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe
'C:\Users\user\Desktop\RICHIESTA DI OFFERTA.exe'
malicious

URLs

Name
IP
Malicious
https://bamontarquitectura.com.mx/IRANSAT_kowbB4.bi}
malicious

Memdumps

Base Address
Regiontype
Protect
Malicious
460000
unkown
page execute and read and write
malicious
3122000
unkown
page readonly
clean
400000
unkown image
page readonly
clean
3D0000
unkown
page read and write
clean
2BC0000
unkown
page readonly
clean
31B5000
unkown
page readonly
clean
4D4000
heap private
page read and write
clean
18C000
unkown
page read and write
clean
590000
heap private
page read and write
clean
31C6000
unkown
page readonly
clean
322D000
unkown
page readonly
clean
25B7000
heap private
page read and write
clean
433000
unkown image
page read and write
clean
3265000
unkown
page readonly
clean
3279000
unkown
page readonly
clean
6E0000
unkown
page readonly
clean
604000
heap default
page read and write
clean
340000
unkown
page readonly
clean
27A0000
unkown
page read and write
clean
450000
unkown
page readonly
clean
3226000
unkown
page readonly
clean
3295000
unkown
page readonly
clean
32A2000
unkown
page readonly
clean
3144000
unkown
page readonly
clean
435000
unkown image
page readonly
clean
5E7000
heap default
page read and write
clean
2F42000
unkown
page readonly
clean
32A9000
unkown
page readonly
clean
3249000
unkown
page readonly
clean
2B0000
heap private
page read and write
clean
3042000
unkown
page readonly
clean
3196000
unkown
page readonly
clean
1E00000
unkown
page read and write
clean
31F6000
unkown
page readonly
clean
2F48000
unkown
page readonly
clean
3142000
unkown
page readonly
clean
400000
unkown image
page readonly
clean
4DB000
heap private
page read and write
clean
20000
unkown
page read and write
clean
2200000
unkown
page readonly
clean
31A2000
unkown
page readonly
clean
26A2000
heap private
page read and write
clean
230000
unkown
page read and write
clean
7EFDF000
unkown
page read and write
clean
3490000
unkown
page readonly
clean
220000
unkown
page execute read
clean
32C5000
unkown
page readonly
clean
3470000
unkown
page readonly
clean
3229000
unkown
page readonly
clean
4D0000
heap private
page read and write
clean
3E0000
unkown
page write copy
clean
2684000
heap private
page read and write
clean
259A000
heap private
page read and write
clean
401000
unkown image
page execute read
clean
3172000
unkown
page readonly
clean
3124000
unkown
page readonly
clean
31D2000
unkown
page readonly
clean
2560000
heap private
page read and write
clean
3272000
unkown
page readonly
clean
401000
unkown image
page execute read
clean
400000
unkown image
page readonly
clean
860000
unkown
page readonly
clean
2680000
heap private
page read and write
clean
435000
unkown image
page readonly
clean
4D8000
heap private
page read and write
clean
2BA0000
unkown
page readonly
clean
3202000
unkown
page readonly
clean
3242000
unkown
page readonly
clean
34B0000
unkown
page readonly
clean
3185000
unkown
page readonly
clean
3215000
unkown
page readonly
clean
26C0000
unkown
page readonly
clean
2590000
heap private
page read and write
clean
3104000
unkown
page readonly
clean
1B0000
unkown
page readonly
clean
A00000
unkown
page readonly
clean
5E0000
heap default
page read and write
clean