IOC Report
http://ctldl.windowsupdate.com:80/msdownload/update/v3/static/trustedr/en/CABD2A79A1076A31F21D253635CB039D4329A5E8.crt?4d0e2557b629276c


Files

File Path
Type
Category
Malicious
C:\Users\user\Desktop\cmdline.out
ASCII text, with CRLF line terminators
modified
C:\Users\user\Desktop\download\CABD2A79A1076A31F21D253635CB039D4329A5E8.crt@4d0e2557b629276c
data
dropped

Processes

Path
Cmdline
Malicious
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "http://ctldl.windowsupdate.com:80/msdownload/update/v3/static/trustedr/en/CABD2A79A1076A31F21D253635CB039D4329A5E8.crt?4d0e2557b629276c" > cmdline.out 2>&1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\wget.exe
wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "http://ctldl.windowsupdate.com:80/msdownload/update/v3/static/trustedr/en/CABD2A79A1076A31F21D253635CB039D4329A5E8.crt?4d0e2557b629276c"

Memdumps

Base Address
Regiontype
Protect
Malicious
146F2580000
trusted library allocation
page read and write
146EED76000
heap
page read and write
1B8C2B95000
heap
page read and write
146F0A5B000
heap
page read and write
1B8C2BA0000
heap
page read and write
1F47AF02000
heap
page read and write
1B8C3019000
heap
page read and write
1B8C2B96000
heap
page read and write
146F0A34000
heap
page read and write
146F0AE1000
heap
page read and write
1B8C2B97000
heap
page read and write
1ECAFB80000
trusted library allocation
page read and write
146EEC88000
heap
page read and write
AC694FE000
stack
page read and write
1B8C2BD6000
heap
page read and write
1B8C2B8B000
heap
page read and write
1B8C2B87000
heap
page read and write
1B8C2B7B000
heap
page read and write
9F563FE000
stack
page read and write
1B7EE000000
heap
page read and write
1ED377C000
stack
page read and write
30000
heap
page read and write
101E000
stack
page read and write
1CAD47C000
stack
page read and write
1B6F91E0000
heap
page read and write
1ED3B7F000
stack
page read and write
1B7EE256000
heap
page read and write
1B8C2B73000
heap
page read and write
22521C48000
heap
page read and write
146F0ABB000
heap
page read and write
1B8C3003000
heap
page read and write
9F5617F000
stack
page read and write
1ED8D180000
heap
page read and write
146EED6A000
heap
page read and write
F4747A000
stack
page read and write
1B6F93D0000
heap
page read and write
1B7EEA02000
trusted library allocation
page read and write
22521C50000
trusted library allocation
page read and write
2251CF13000
heap
page read and write
146EECF1000
heap
page read and write
2251CE15000
heap
page read and write
2251C48B000
heap
page read and write
146F0A3A000
heap
page read and write
1B8C2B99000
heap
page read and write
2251C43D000
heap
page read and write
1B6F9240000
heap
page read and write
1B8C2BBE000
heap
page read and write
146EED02000
heap
page read and write
146EED6A000
heap
page read and write
1B8C2B78000
heap
page read and write
146F0A63000
heap
page read and write
1B8C2B99000
heap
page read and write
2251C2F0000
heap
page read and write
22521D06000
heap
page read and write
2251C455000
heap
page read and write
146F0A4C000
heap
page read and write
1C903281000
heap
page read and write
DAD5CFE000
stack
page read and write
146F0A20000
heap
page read and write
146EED6A000
heap
page read and write
2251C390000
trusted library section
page read and write
1B8C2B78000
heap
page read and write
9F567FC000
stack
page read and write
1B6F9230000
heap
page read and write
AC69679000
stack
page read and write
146F06C0000
heap
page read and write
1C903A02000
trusted library allocation
page read and write
22521CB4000
heap
page read and write
9F6000
heap
page read and write
146EED4C000
heap
page read and write
2251D440000
trusted library section
page readonly
1B8C2BA6000
heap
page read and write
10F6000
heap
page read and write
10F0000
heap
page read and write
1C0000
heap
page read and write
22521CFD000
heap
page read and write
1B8C2BAA000
heap
page read and write
C0B8DFC000
stack
page read and write
1B8C2B84000
heap
page read and write
18E000
stack
page read and write
1B8C2B6A000
heap
page read and write
1CAD2FE000
stack
page read and write
1B7EE24D000
heap
page read and write
9D0000
heap
page read and write
1CAD276000
stack
page read and write
146F0660000
remote allocation
page read and write
146F0A3A000
heap
page read and write
1B8C3002000
heap
page read and write
1C903249000
heap
page read and write
1C903200000
heap
page read and write
2251C49F000
heap
page read and write
146EED01000
heap
page read and write
2251C380000
trusted library allocation
page read and write
1B6F9242000
heap
page read and write
22521C56000
heap
page read and write
22521C14000
heap
page read and write
22521E50000
remote allocation
page read and write
146EEC30000
heap
page read and write
146EECE1000
heap
page read and write
1F47AE53000
heap
page read and write
1B8C2B78000
heap
page read and write
1B8C2B9D000
heap
page read and write
146F0D30000
heap
page read and write
1B8C3002000
heap
page read and write
146F0A1A000
heap
page read and write
1B0000
trusted library allocation
page read and write
2251CF18000
heap
page read and write
1B8C2B99000
heap
page read and write
146EED02000
heap
page read and write
146EECFD000
heap
page read and write
146F0A38000
heap
page read and write
22521CC5000
heap
page read and write
1B7EE308000
heap
page read and write
2251C476000
heap
page read and write
1C90324F000
heap
page read and write
1B8C2BA2000
heap
page read and write
146EECFD000
heap
page read and write
146F0AE1000
heap
page read and write
146F0A20000
heap
page read and write
146EECE1000
heap
page read and write
146EED65000
heap
page read and write
DAD5EFB000
stack
page read and write
1B8C2BAD000
heap
page read and write
146F0A17000
heap
page read and write
146EEAC0000
heap
page read and write
1B8C2B71000
heap
page read and write
1ECAFA10000
heap
page read and write
146EECE6000
heap
page read and write
146EECFB000
heap
page read and write
22521B11000
trusted library allocation
page read and write
2251CF58000
heap
page read and write
1B6F9240000
heap
page read and write
1F47AE3C000
heap
page read and write
1B8C2B75000
heap
page read and write
2251C474000
heap
page read and write
146F0A3D000
heap
page read and write
1B7EE28C000
heap
page read and write
22521C00000
heap
page read and write
1ED8D4C0000
trusted library allocation
page read and write
22521B10000
trusted library allocation
page read and write
1B7EE253000
heap
page read and write
1ED8D450000
trusted library allocation
page read and write
1CAD4FC000
stack
page read and write
146F0D10000
heap
page read and write
146F0A3D000
heap
page read and write
146EED3F000
heap
page read and write
2251C3F0000
trusted library allocation
page read and write
146EED4C000
heap
page read and write
1B6F9217000
heap
page read and write
146EED4C000
heap
page read and write
1ED367E000
stack
page read and write
22521B34000
trusted library allocation
page read and write
1ECAFD02000
heap
page read and write
C0B8BF7000
stack
page read and write
146F0A4C000
heap
page read and write
146F0A59000
heap
page read and write
1B7EE250000
heap
page read and write
1C903090000
heap
page read and write
146F0A38000
heap
page read and write
1ED8D373000
heap
page read and write
1B6F9240000
heap
page read and write
1B7EE24B000
heap
page read and write
1ECAFC02000
heap
page read and write
146F0A21000
heap
page read and write
9F55EFA000
stack
page read and write
1ED8D320000
heap
page read and write
1ED8D380000
heap
page read and write
1ED387B000
stack
page read and write
1B8C2B8F000
heap
page read and write
1B8C2B8F000
heap
page read and write
1B8C2B99000
heap
page read and write
1B8C3020000
heap
page read and write
1B8C2930000
remote allocation
page read and write
C0B88FE000
stack
page read and write
2251C400000
heap
page read and write
146F0A73000
heap
page read and write
1ED8D37F000
heap
page read and write
22521D00000
heap
page read and write
146F0B11000
heap
page read and write
1F47ACB0000
heap
page read and write
146F06C4000
heap
page read and write
1C903272000
heap
page read and write
2251CDF0000
trusted library allocation
page read and write
190000
heap
page read and write
1ECB0402000
trusted library allocation
page read and write
2251D400000
trusted library section
page readonly
1B7EE226000
heap
page read and write
1ED8D333000
heap
page read and write
146EEC40000
heap
page read and write
1B8C2B84000
heap
page read and write
AC6947D000
stack
page read and write
9F5647F000
stack
page read and write
1F47AE81000
heap
page read and write
146F0A2F000
heap
page read and write
1B7EE25A000
heap
page read and write
1B8C2B84000
heap
page read and write
1B8C2B92000
heap
page read and write
1B6F9241000
heap
page read and write
1F47AD10000
heap
page read and write
1B8C2BAA000
heap
page read and write
146EED3F000
heap
page read and write
2251C48D000
heap
page read and write
105E000
stack
page read and write
1B8C2B95000
heap
page read and write
1B8C2B80000
heap
page read and write
22521D06000
heap
page read and write
9F564FF000
stack
page read and write
146EEC3D000
heap
page read and write
398DEFE000
stack
page read and write
146EECE4000
heap
page read and write
1ED8D530000
heap
page read and write
1F47B5B0000
trusted library allocation
page read and write
1B8C2BB3000
heap
page read and write
9F558BB000
stack
page read and write
1B7EE300000
heap
page read and write
1B8C2BA6000
heap
page read and write
9F5627E000
stack
page read and write
146F0A9B000
heap
page read and write
1C903213000
heap
page read and write
22521AF0000
trusted library allocation
page read and write
146F0660000
remote allocation
page read and write
1B8C2BA9000
heap
page read and write
1B8C2B84000
heap
page read and write
1B6F9495000
heap
page read and write
1B8C2B8B000
heap
page read and write
2251C350000
heap
page read and write
1ED8D460000
trusted library allocation
page read and write
2251D960000
trusted library allocation
page read and write
2251C49D000
heap
page read and write
1F47B602000
trusted library allocation
page read and write
1F47AF00000
heap
page read and write
F4757F000
stack
page read and write
22521C40000
trusted library allocation
page read and write
146EED6A000
heap
page read and write
1B8C2B7A000
heap
page read and write
146F0A14000
heap
page read and write
2251C4FD000
heap
page read and write
1ED8D369000
heap
page read and write
F9F000
stack
page read and write
2251CE02000
heap
page read and write
1ED8D539000
heap
page read and write
146EED1E000
heap
page read and write
1B8C3002000
heap
page read and write
2251C413000
heap
page read and write
1B7EE270000
heap
page read and write
1ED339E000
stack
page read and write
1B6F9225000
heap
page read and write
1B8C2B95000
heap
page read and write
1F47ACA0000
heap
page read and write
1B7EE302000
heap
page read and write
1B8C2BA6000
heap
page read and write
C0B85FB000
stack
page read and write
22521E10000
trusted library allocation
page read and write
1B8C2B7A000
heap
page read and write
1B8C2B71000
heap
page read and write
146EECFB000
heap
page read and write
1F47AF13000
heap
page read and write
1B8C2B9D000
heap
page read and write
1C903020000
heap
page read and write
146EEC80000
heap
page read and write
F4777C000
stack
page read and write
1B6F9223000
heap
page read and write
1C903313000
heap
page read and write
DAD61FE000
stack
page read and write
1ECAFD13000
heap
page read and write
1B8C2B89000
heap
page read and write
1B6F9247000
heap
page read and write
1B8C3002000
heap
page read and write
1B7EE200000
heap
page read and write
2251CF59000
heap
page read and write
31DF000
stack
page read and write
2FDF000
stack
page read and write
1B7EE255000
heap
page read and write
22521C1D000
heap
page read and write
22521AF0000
trusted library allocation
page read and write
1CAD5FE000
stack
page read and write
146F0A20000
heap
page read and write
2251D540000
trusted library allocation
page read and write
1B6F920B000
heap
page read and write
1C903251000
heap
page read and write
22521C63000
heap
page read and write
1F47AE62000
heap
page read and write
146F0A1A000
heap
page read and write
1ECAFC00000
heap
page read and write
22521E20000
trusted library allocation
page read and write
22521C3B000
heap
page read and write
1F47AE00000
heap
page read and write
2251C458000
heap
page read and write
1B8C2B74000
heap
page read and write
1B8C20A2000
heap
page read and write
146F0A4C000
heap
page read and write
1F47AE60000
heap
page read and write
1B8C2B78000
heap
page read and write
1CAD57E000
stack
page read and write
146F0A26000
heap
page read and write
146F0A3D000
heap
page read and write
2251CF02000
heap
page read and write
22521CEF000
heap
page read and write
146EED4C000
heap
page read and write
1CAD3FF000
stack
page read and write
1F47AE5C000
heap
page read and write
1ECAFD00000
heap
page read and write
1B8C2BA0000
heap
page read and write
1B7EE278000
heap
page read and write
22521D02000
heap
page read and write
1C903190000
trusted library allocation
page read and write
2251CF18000
heap
page read and write
146F0A21000
heap
page read and write
146F0A38000
heap
page read and write
2251C502000
heap
page read and write
2251D450000
trusted library section
page readonly
22521B20000
trusted library allocation
page read and write
146F0AE2000
heap
page read and write
2251D410000
trusted library section
page readonly
146F0B10000
heap
page read and write
146F0A4C000
heap
page read and write
146F0B30000
heap
page read and write
1ECAFC28000
heap
page read and write
1B8C2B78000
heap
page read and write
1B8C2B84000
heap
page read and write
22521C89000
heap
page read and write
146EED04000
heap
page read and write
140000
trusted library allocation
page read and write
146F0A26000
heap
page read and write
F476FE000
stack
page read and write
1C903308000
heap
page read and write
AC696FE000
stack
page read and write
1B8C3002000
heap
page read and write
2251C2E0000
heap
page read and write
9F560FB000
stack
page read and write
1B8C2B6A000
heap
page read and write
9CC000
stack
page read and write
146EED6A000
heap
page read and write
1ECAFC7C000
heap
page read and write
1C903256000
heap
page read and write
DAD599C000
stack
page read and write
2CC0000
heap
page read and write
1ED8D535000
heap
page read and write
1B6F9226000
heap
page read and write
146EED04000
heap
page read and write
146EEC00000
heap
page read and write
146F0A38000
heap
page read and write
1B8C2B96000
heap
page read and write
1ED8D510000
heap
page readonly
1B6F9212000
heap
page read and write
1B8C2BAF000
heap
page read and write
9F5593E000
stack
page read and write
C0B8CFF000
stack
page read and write
9F55FFF000
stack
page read and write
22521B30000
trusted library allocation
page read and write
13E000
stack
page read and write
1B7EDF90000
heap
page read and write
1B7EE279000
heap
page read and write
1C903270000
heap
page read and write
22521CFB000
heap
page read and write
1F47AE5A000
heap
page read and write
22521AF8000
trusted library allocation
page read and write
1B7EE313000
heap
page read and write
1B8C3002000
heap
page read and write
22521B20000
trusted library allocation
page read and write
1B8C2B84000
heap
page read and write
AC695F9000
stack
page read and write
9F562FF000
stack
page read and write
1C903229000
heap
page read and write
1ECAFA20000
heap
page read and write
1B8C2B99000
heap
page read and write
1B8C3002000
heap
page read and write
1ED8D190000
trusted library allocation
page read and write
146F0A26000
heap
page read and write
1F47AF08000
heap
page read and write
9F566FC000
stack
page read and write
AC6918C000
stack
page read and write
1B8C2B84000
heap
page read and write
1C903275000
heap
page read and write
1B8C2B88000
heap
page read and write
1B8C20A9000
heap
page read and write
22521D08000
heap
page read and write
146F0A4C000
heap
page read and write
1F47AE5E000
heap
page read and write
22521CB2000
heap
page read and write
1F47AE29000
heap
page read and write
1B8C2B8B000
heap
page read and write
1C90324A000
heap
page read and write
1ED8E030000
trusted library allocation
page read and write
146F0A54000
heap
page read and write
9F559BE000
stack
page read and write
22521C2B000
heap
page read and write
1B8C2B7F000
heap
page read and write
1ED8E240000
trusted library allocation
page read and write
146F0A3D000
heap
page read and write
1B6F9248000
heap
page read and write
AC697FC000
stack
page read and write
1B6F9230000
heap
page read and write
1B7EDFA0000
heap
page read and write
9F55DFB000
stack
page read and write
1B8C2B84000
heap
page read and write
22521E00000
trusted library allocation
page read and write
1C903302000
heap
page read and write
1B8C2B78000
heap
page read and write
1B6F9180000
heap
page read and write
1B8C2BA6000
heap
page read and write
1B8C2B84000
heap
page read and write
AC6957E000
stack
page read and write
C0B887E000
stack
page read and write
1ED8D2E0000
heap
page read and write
146EECF0000
heap
page read and write
1B8C2B7A000
heap
page read and write
1B6F9230000
heap
page read and write
DAD5C7E000
stack
page read and write
1B6F9217000
heap
page read and write
146F0A65000
heap
page read and write
1B8C2B81000
heap
page read and write
22521BC0000
trusted library allocation
page read and write
146F0A3D000
heap
page read and write
146F0A3A000
heap
page read and write
9D8000
heap
page read and write
DAD5DFB000
stack
page read and write
1ECAFC13000
heap
page read and write
DAD5FF7000
stack
page read and write
146F0A20000
heap
page read and write
1B8C2B8C000
heap
page read and write
1C903030000
heap
page read and write
1B8C2BAD000
heap
page read and write
9F565FD000
stack
page read and write
146F0B0D000
heap
page read and write
225219D0000
trusted library allocation
page read and write
22521E30000
trusted library allocation
page read and write
1B8C2B8B000
heap
page read and write
1B8C2930000
remote allocation
page read and write
1ED8D540000
trusted library allocation
page read and write
2251C4AE000
heap
page read and write
2251C3F3000
trusted library allocation
page read and write
146F0A5E000
heap
page read and write
D9F000
stack
page read and write
9F55CF7000
stack
page read and write
22521E50000
remote allocation
page read and write
146F0A26000
heap
page read and write
22521B14000
trusted library allocation
page read and write
1ED8D500000
trusted library allocation
page read and write
1ED8D520000
trusted library allocation
page read and write
1B8C2B75000
heap
page read and write
1B8C2930000
remote allocation
page read and write
146F0A1A000
heap
page read and write
1F47AE13000
heap
page read and write
1B7EE259000
heap
page read and write
DAD60FF000
stack
page read and write
1B6F9227000
heap
page read and write
1ED3977000
stack
page read and write
146EED6A000
heap
page read and write
225219E0000
trusted library allocation
page read and write
2251C429000
heap
page read and write
C0B8AFB000
stack
page read and write
146F0B5C000
heap
page read and write
398DCFB000
stack
page read and write
146F0A3A000
heap
page read and write
2251C492000
heap
page read and write
1ED331B000
stack
page read and write
1B8C2B9E000
heap
page read and write
398D7AB000
stack
page read and write
1B8C2BAF000
heap
page read and write
22521AFE000
trusted library allocation
page read and write
1B8C2BA7000
heap
page read and write
398DFFF000
stack
page read and write
1ED8D326000
heap
page read and write
2251CE00000
heap
page read and write
9F568FE000
stack
page read and write
22521CF7000
heap
page read and write
2251C46F000
heap
page read and write
1C903300000
heap
page read and write
1ED8D378000
heap
page read and write
1ECAFC65000
heap
page read and write
146EECFB000
heap
page read and write
146EED4C000
heap
page read and write
146EECFD000
heap
page read and write
1B8C2B84000
heap
page read and write
2251C479000
heap
page read and write
146EED3F000
heap
page read and write
2251C513000
heap
page read and write
1CAD37E000
stack
page read and write
146EEC35000
heap
page read and write
2251CF00000
heap
page read and write
1B7EE283000
heap
page read and write
9F561FE000
stack
page read and write
146EED4F000
heap
page read and write
146F0A38000
heap
page read and write
2251D430000
trusted library section
page readonly
F47679000
stack
page read and write
1ED8D379000
heap
page read and write
146F0A26000
heap
page read and write
146EECE4000
heap
page read and write
1B8C2B7A000
heap
page read and write
196000
heap
page read and write
22521960000
trusted library allocation
page read and write
1B7EE229000
heap
page read and write
1C90323C000
heap
page read and write
1B8C2BBD000
heap
page read and write
1ECAFA80000
heap
page read and write
22521D08000
heap
page read and write
1ED8E290000
trusted library allocation
page read and write
146F0660000
remote allocation
page read and write
1B7EE100000
trusted library allocation
page read and write
1B6F9490000
heap
page read and write
1B8C3003000
heap
page read and write
22521E50000
remote allocation
page read and write
146EECE1000
heap
page read and write
398DDFE000
stack
page read and write
C0B8EFF000
stack
page read and write
146F0A3A000
heap
page read and write
1F47AE77000
heap
page read and write
2251D420000
trusted library section
page readonly
146F0A59000
heap
page read and write
9C000
stack
page read and write
1B8C2B73000
heap
page read and write
F475FF000
stack
page read and write
F474FF000
stack
page read and write
1B8C2B86000
heap
page read and write
1B7EE213000
heap
page read and write
146F0B11000
heap
page read and write
1ED3A7F000
stack
page read and write
146EED6B000
heap
page read and write
1ED8D39C000
heap
page read and write
1ED8D37F000
heap
page read and write
1B7EE23C000
heap
page read and write
2251CDD1000
trusted library allocation
page read and write
146F0B0D000
heap
page read and write
1B8C2B62000
heap
page read and write
1B8C2BA9000
heap
page read and write
1ED8D2C0000
heap
page read and write
1B8C2B7C000
heap
page read and write
146F0A20000
heap
page read and write
AC69779000
stack
page read and write
1B6F9200000
heap
page read and write
1ECAFC3E000
heap
page read and write
523 further memdump entries are hidden in this view and are not listed above.