IOC Report
400000.dll


Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Windows\System32\loaddll32.exe | loaddll32.exe "C:\Users\user\Desktop\400000.dll" | |
| C:\Windows\SysWOW64\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\400000.dll",#1 | |
| C:\Windows\SysWOW64\regsvr32.exe | regsvr32.exe /s C:\Users\user\Desktop\400000.dll | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\400000.dll",#1 | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\400000.dll,DllRegisterServer | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| eafd-ffgov-phx01.elasticafd.msedge.azure.us | 20.141.10.208 | |
| b-9999.b-msedge.net | 13.107.6.254 | |
| fp-afd.azureedge.us | unknown | |

Memdumps
