IOCReport

Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| oYIQVnvsyG.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | clean |
| C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\oYIQVnvsyG.exe.log | ASCII text, with CRLF line terminators | dropped | clean |

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\oYIQVnvsyG.exe | 'C:\Users\user\Desktop\oYIQVnvsyG.exe' | clean |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| http://go.microsz.R | unknown | clean |

Memdumps
