IOC Report
WCTBt2z7KE.exe

loading gif

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\WCTBt2z7KE.exe
"C:\Users\user\Desktop\WCTBt2z7KE.exe"
malicious

Memdumps

Base Address
Regiontype
Protect
Malicious
14005A000
unkown
page execute and write copy
4AF000
heap
page read and write
4AE000
heap
page read and write
995000
heap
page read and write
4D0000
heap
page read and write
4AF000
heap
page read and write
4A9000
heap
page read and write
140067000
unkown
page read and write
140067000
unkown
page write copy
140083000
unkown
page read and write
1400A9000
unkown
page read and write
99B000
heap
page read and write
14C000
stack
page read and write
4A5000
heap
page read and write
916000
heap
page read and write
1400A7000
unkown
page write copy
4CA000
heap
page read and write
1E0000
heap
page read and write
450000
heap
page read and write
4A5000
heap
page read and write
2240000
heap
page read and write
8F0000
heap
page read and write
2400000
heap
page read and write
4B2000
heap
page read and write
46B000
heap
page read and write
2403000
heap
page read and write
2250000
heap
page read and write
4A9000
heap
page read and write
140064000
unkown
page execute and read and write
1400A9000
unkown
page write copy
2950000
trusted library allocation
page read and write
990000
heap
page read and write
1A0000
heap
page read and write
1400A7000
unkown
page read and write
4B5000
heap
page read and write
140001000
unkown
page execute and read and write
10000
heap
page read and write
140083000
unkown
page write copy
140000000
unkown
page readonly
4AE000
heap
page read and write
82F000
stack
page read and write
4A0000
heap
page read and write
72F000
stack
page read and write
180000
heap
page read and write
910000
heap
page read and write
140066000
unkown
page execute and write copy
914000
heap
page read and write
140000000
unkown
page readonly
4B5000
heap
page read and write
460000
heap
page read and write
There are 40 hidden memdumps, click here to show them.