IOCReport

Processes

Path | Cmdline | Malicious
C:\Users\user\Desktop\VZghv7yI7g.exe | 'C:\Users\user\Desktop\VZghv7yI7g.exe' | malicious

URLs

Name | IP | Malicious
https://bamontarquitectura.com.mx/IRANSAT_kowbB4.bi} | | malicious

Memdumps

Base Address | Regiontype | Protect | Malicious
2250000 | unkown | page execute and read and write | malicious