IOC Report
file.exe

Processes

Path | Cmdline | Malicious
C:\Users\user\Desktop\file.exe | "C:\Users\user\Desktop\file.exe" | malicious

URLs


Domains


IPs

IP | Domain | Country | Malicious
104.102.49.254 | steamcommunity.com | United States | malicious

Memdumps
