IOC Report


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| PKO_TRANS_DETAILS_20211216_0809521.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | malicious |
| C:\Users\user\AppData\Local\Temp\~DF4AE55F204BB0FB8A.TMP | Composite Document File V2 Document, Cannot read section info | dropped | clean |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\PKO_TRANS_DETAILS_20211216_0809521.exe | "C:\Users\user\Desktop\PKO_TRANS_DETAILS_20211216_0809521.exe" | malicious |

Memdumps

| Base Address | Region type | Protect | Malicious |
|---|---|---|---|
| 4C80000 | unknown | page execute and read and write | malicious |
| 99E197F000 | stack | page read and write | clean |
| 248BC6D0000 | unknown image | page readonly | clean |
| 7FF5B5ED4000 | unknown image | page readonly | clean |
| 2A36945C000 | unknown | page read and write | clean |
| 7FF56374A000 | unknown image | page readonly | clean |
| 18E123C0000 | unknown | page read and write | clean |
| 7FF5B5EC9000 | unknown image | page readonly | clean |
| 241AAD90000 | unknown image | page readonly | clean |
| 16DCA713000 | unknown | page read and write | clean |
| 248BCB82000 | unknown | page read and write | clean |
| 7FF57A605000 | unknown image | page readonly | clean |
| 7FFB2000 | unknown image | page readonly | clean |
| 7FF522244000 | unknown image | page readonly | clean |
| 2A369260000 | unknown image | page readonly | clean |
| 98000 | unknown | page read and write | clean |
| 16DCA670000 | unknown | page read and write | clean |
| 26F315E0000 | unknown | page read and write | clean |
| 2A116000000 | unknown image | page readonly | clean |
| 7FF5478EA000 | unknown image | page readonly | clean |
| 241AAE00000 | unknown | page read and write | clean |
| 7FF5DE38B000 | unknown image | page readonly | clean |
| 7FF57AE5E000 | unknown image | page readonly | clean |
| 18E12A00000 | unknown image | page readonly | clean |
| 7FF522E97000 | unknown image | page readonly | clean |
| 7FF522183000 | unknown image | page readonly | clean |
| 7FF587AE9000 | unknown image | page readonly | clean |
| 7FF5633CC000 | unknown image | page readonly | clean |
| 7FF52328A000 | unknown image | page readonly | clean |
| 7DF50EA20000 | unknown image | page readonly | clean |
| 248BCB8E000 | unknown | page read and write | clean |
| 248BC9C0000 | unknown image | page read and write | clean |
| 7DF50EA12000 | unknown image | page readonly | clean |
| 248BCB7B000 | unknown | page read and write | clean |
| 7DF43BF60000 | unknown image | page readonly | clean |
| 7FF5879AD000 | unknown image | page readonly | clean |
| 2EF0000 | unknown image | page readonly | clean |
| 16DCA540000 | unknown image | page readonly | clean |
| 7FF5233B1000 | unknown image | page readonly | clean |
| 16DCA63C000 | unknown | page read and write | clean |
| 7FF5218FB000 | unknown image | page readonly | clean |
| 7FF587B3E000 | unknown image | page readonly | clean |
| 2A369413000 | unknown | page read and write | clean |
| 20563508000 | unknown | page read and write | clean |
| 7FF522F87000 | unknown image | page readonly | clean |
| 20563448000 | unknown | page read and write | clean |
| 7FFC0000 | unknown image | page readonly | clean |
| 7FF5DE42A000 | unknown image | page readonly | clean |
| 7FF5636F3000 | unknown image | page readonly | clean |
| 7DF531030000 | unknown image | page readonly | clean |
| 7FF587A65000 | unknown image | page readonly | clean |
| 21A3BA48000 | unknown | page read and write | clean |
| 21A3BF80000 | unknown image | page readonly | clean |
| 7DF5555D2000 | unknown image | page readonly | clean |
| 7FF500D03000 | unknown image | page readonly | clean |
| 7FF563337000 | unknown image | page readonly | clean |
| 2190000 | unknown | page read and write | clean |
| 7FF5B7770000 | unknown image | page readonly | clean |
| 2A369446000 | unknown | page read and write | clean |
| 26F31650000 | unknown | page read and write | clean |
| 26F3166B000 | unknown | page read and write | clean |
| E7A44FF000 | stack | page read and write | clean |
| 26F31A00000 | unknown image | page readonly | clean |
| 20563471000 | unknown | page read and write | clean |
| 7FF5220E1000 | unknown image | page readonly | clean |
| 7DF595842000 | unknown image | page readonly | clean |
| 425000 | unknown image | page readonly | clean |
| 7FF500CC3000 | unknown image | page readonly | clean |
| 21A3BA47000 | unknown | page read and write | clean |
| 7DF595842000 | unknown image | page readonly | clean |
| 1A1D0C75000 | unknown | page read and write | clean |
| 7FF55172E000 | unknown image | page readonly | clean |
| 7DF588B92000 | unknown image | page readonly | clean |