IOC Report
PO No. 3200005919.exe

Files

File Path | Type | Category | Malicious
PO No. 3200005919.exe | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | initial sample | malicious
C:\Users\user\AppData\Local\Temp\nskA46.tmp\System.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | modified |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Afskede\Hitherunto\Sale\Swedish.ini | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Airward.Sav | Java JCE KeyStore | dropped |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\Oncosis.syl | data | dropped |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\WMIMethod.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | dropped |
C:\Users\user\Overfurnished\Tuberculisation\Woodwose\Circularizations126\Iltningernes\Mellivorous\qipcap.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | dropped |
C:\Windows\leprousness.lnk | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide | dropped |

Processes

Path | Cmdline | Malicious
C:\Users\user\Desktop\PO No. 3200005919.exe | C:\Users\user\Desktop\PO No. 3200005919.exe | malicious

URLs

Name | IP | Malicious
http://nsis.sf.net/NSIS_ErrorError | unknown |
https://mozilla.org0 | unknown |

Registry

Path | Value | Malicious
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached | {BD84B380-8CA2-1069-AB1D-08000948F534} {000214E6-0000-0000-C000-000000000046} 0xFFFF |
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E | @fontext.dll,-8007 |

Memdumps
