IOC Report
dinhVFAbgo

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\dinhVFAbgo.exe | "C:\Users\user\Desktop\dinhVFAbgo.exe" | malicious |
| C:\Windows\SysWOW64\cmd.exe | C:\Windows\system32\cmd.exe /c md C:\DownLoad-Helper | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| https://wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com/TorJanFile/UpdateInit/Agent.exe | unknown | |
| https://wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com/TorJanFile/ProtectDriver/x64_Defender.dat | unknown | |
| https://wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com/TorJanFile/ProtectDriver/x64_FsFilter.dat | unknown | |
| https://wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com/TorJanFile/SHA128Driver/x64_Defender.dathttps: | unknown | |
| https://wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com/TorJanFile/SHA128Driver/x64_FsFilter.dat | unknown | |
| https://wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com/TorJanFile/UpdateInit/Update.ini | unknown | |
| https://wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com/TorJanFile/SHA128Driver/x64_Defender.dat | unknown | |
| https://wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com/TorJanFile/UpdateInit/Update.inihttps://wtyjqp | unknown | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com | 59.110.190.41 | |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 59.110.190.41 | wtyjqpaszl-torjan.oss-cn-beijing.aliyuncs.com | China | |
