IOC Report
DefendUpdate.exe


Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\DefendUpdate.exe | C:\Users\user\Desktop\DefendUpdate.exe | malicious |
| C:\Windows\System32\cmd.exe | C:\Windows\system32\cmd.exe /C choice /C Y /N /D Y /T 0 &Del C:\Users\user\Desktop\DefendUpdate.exe | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\System32\choice.exe | choice /C Y /N /D Y /T 0 | |

URLs


Memdumps
