IOC Report
file.exe

Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| file.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | malicious |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 01:21:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 01:21:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:00:51 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 01:21:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 01:21:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Nov 20 01:21:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 100 | JSON data | downloaded | |
| Chrome Cache Entry: 101 | PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 102 | ASCII text, with very long lines (52717), with no line terminators | dropped | |
| Chrome Cache Entry: 103 | ASCII text | downloaded | |
| Chrome Cache Entry: 104 | ASCII text, with very long lines (52717), with no line terminators | downloaded | |
| Chrome Cache Entry: 105 | exported SGML document, ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 106 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1301x300, components 3 | dropped | |
| Chrome Cache Entry: 107 | PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 108 | MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors | downloaded | |
| Chrome Cache Entry: 109 | ASCII text, with very long lines (46884) | downloaded | |
| Chrome Cache Entry: 110 | JSON data | dropped | |
| Chrome Cache Entry: 111 | MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors | dropped | |
| Chrome Cache Entry: 112 | PNG image data, 658 x 480, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 113 | ASCII text, with very long lines (33148), with no line terminators | dropped | |
| Chrome Cache Entry: 114 | JSON data | downloaded | |
| Chrome Cache Entry: 115 | PNG image data, 475 x 212, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 116 | JSON data | downloaded | |
| Chrome Cache Entry: 117 | JSON data | dropped | |
| Chrome Cache Entry: 118 | exported SGML document, ASCII text, with very long lines (65536), with no line terminators | dropped | |
| Chrome Cache Entry: 119 | JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1301x300, components 3 | downloaded | |
| Chrome Cache Entry: 120 | ASCII text, with very long lines (46884) | dropped | |
| Chrome Cache Entry: 121 | JSON data | dropped | |
| Chrome Cache Entry: 122 | ASCII text | dropped | |
| Chrome Cache Entry: 123 | SVG Scalable Vector Graphics image | downloaded | |
| Chrome Cache Entry: 124 | Web Open Font Format (Version 2), TrueType, length 19696, version 1.0 | downloaded | |
| Chrome Cache Entry: 125 | ASCII text, with very long lines (33148), with no line terminators | downloaded | |
| Chrome Cache Entry: 126 | PNG image data, 475 x 212, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 127 | PNG image data, 658 x 480, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 128 | JSON data | dropped | |
| Chrome Cache Entry: 129 | HTML document, ASCII text, with very long lines (639), with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 130 | JSON data | downloaded | |
| Chrome Cache Entry: 131 | PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 89 | PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 90 | PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 91 | SVG Scalable Vector Graphics image | dropped | |
| Chrome Cache Entry: 92 | JSON data | dropped | |
| Chrome Cache Entry: 93 | JSON data | dropped | |
| Chrome Cache Entry: 94 | PNG image data, 533 x 478, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 95 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
| Chrome Cache Entry: 96 | ASCII text, with no line terminators | downloaded | |
| Chrome Cache Entry: 97 | ASCII text, with very long lines (65410) | dropped | |
| Chrome Cache Entry: 98 | JSON data | dropped | |
| Chrome Cache Entry: 99 | ASCII text, with very long lines (65410) | downloaded | |

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\file.exe | "C:\Users\user\Desktop\file.exe" | malicious |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=file.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1908,i,10312143833214285675,2582168569992251965,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=file.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1908,i,3294702590203488965,14854174447788199896,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |

URLs

Name
IP
Malicious

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| cook-rain.sbs | 188.114.96.3 | |
| s-part-0017.t-0009.t-msedge.net | 13.107.246.45 | |
| www.google.com | 142.250.186.68 | |
| js.monitor.azure.com | unknown | |
| mdec.nelreports.net | unknown | |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 192.168.2.8 | unknown | unknown | malicious |
| 142.250.186.68 | www.google.com | United States | |
| 13.107.246.45 | s-part-0017.t-0009.t-msedge.net | United States | |
| 185.215.113.16 | unknown | Portugal | |
| 239.255.255.250 | unknown | Reserved | |
| 188.114.96.3 | cook-rain.sbs | European Union | |

Memdumps

Base Address
Regiontype
Protect
Malicious
trusted library allocation
page read and write
4741000
heap
page read and write
60E2000
trusted library allocation
page execute and read and write
9A50000
trusted library allocation
page read and write
57E1000
trusted library allocation
page read and write
57C8000
trusted library allocation
page read and write
4D30000
direct allocation
page execute and read and write
5772000
trusted library allocation
page read and write
576A000
trusted library allocation
page read and write
5756000
trusted library allocation
page read and write
4741000
heap
page read and write
5C47000
trusted library allocation
page read and write
5DC0000
trusted library allocation
page read and write
7AAE000
stack
page read and write
5767000
trusted library allocation
page read and write
833A000
trusted library allocation
page read and write
57C1000
trusted library allocation
page read and write
A81000
heap
page read and write
5D8F000
trusted library allocation
page read and write
5B36000
trusted library allocation
page read and write
56F7000
trusted library allocation
page read and write
56E2000
trusted library allocation
page read and write
5C59000
stack
page read and write
5829000
trusted library allocation
page read and write
7A6F000
stack
page read and write
580E000
trusted library allocation
page read and write
A6D000
heap
page read and write
57C1000
trusted library allocation
page read and write
5794000
trusted library allocation
page read and write
990000
direct allocation
page read and write
4741000
heap
page read and write
5753000
trusted library allocation
page read and write
5B68000
trusted library allocation
page read and write
A90000
heap
page read and write
5B63000
trusted library allocation
page read and write
2BBF000
stack
page read and write
57E1000
trusted library allocation
page read and write
5B63000
trusted library allocation
page read and write
5CA4000
trusted library allocation
page read and write
5C0F000
trusted library allocation
page read and write
5CAA000
trusted library allocation
page read and write
5B6A000
trusted library allocation
page read and write
57F1000
trusted library allocation
page read and write
57C8000
trusted library allocation
page read and write
580E000
trusted library allocation
page read and write
990000
direct allocation
page read and write
5763000
trusted library allocation
page read and write
4E6C000
stack
page read and write
56CF000
trusted library allocation
page read and write
576B000
trusted library allocation
page read and write
4741000
heap
page read and write
5B63000
trusted library allocation
page read and write
A8D000
heap
page read and write
580E000
trusted library allocation
page read and write
5B6D000
trusted library allocation
page read and write
A6D000
heap
page read and write
57E1000
trusted library allocation
page read and write
5B68000
trusted library allocation
page read and write
5754000
trusted library allocation
page read and write
8010000
direct allocation
page read and write
5DD4000
trusted library allocation
page read and write
5C75000
trusted library allocation
page read and write
A88000
heap
page read and write
869C000
stack
page read and write
A09000
heap
page read and write
5757000
trusted library allocation
page read and write
5758000
trusted library allocation
page read and write
4FAE000
stack
page read and write
5CAE000
trusted library allocation
page read and write
5C64000
trusted library allocation
page read and write
3C3E000
stack
page read and write
57F9000
trusted library allocation
page read and write
5B68000
trusted library allocation
page read and write
7FF0000
heap
page read and write
A92000
heap
page read and write
56CF000
trusted library allocation
page read and write
5CB9000
trusted library allocation
page read and write
427E000
stack
page read and write
57C8000
trusted library allocation
page read and write
C9E000
stack
page read and write
59C7000
trusted library allocation
page read and write
A6A000
heap
page read and write
4741000
heap
page read and write
580E000
trusted library allocation
page read and write
580E000
trusted library allocation
page read and write
576B000
trusted library allocation
page read and write
3EBE000
stack
page read and write
5C03000
trusted library allocation
page read and write
5C57000
trusted library allocation
page read and write
57E9000
trusted library allocation
page read and write
575F000
trusted library allocation
page read and write
5757000
trusted library allocation
page read and write
575F000
trusted library allocation
page read and write
5C4F000
trusted library allocation
page read and write
6B6F000
stack
page read and write
5B66000
trusted library allocation
page read and write
5B6E000
trusted library allocation
page read and write
7FA0000
trusted library allocation
page read and write
95E000
stack
page read and write
8010000
direct allocation
page read and write
A73000
heap
page read and write
7D2E000
stack
page read and write
5B71000
trusted library allocation
page read and write
59C5000
trusted library allocation
page read and write
57C1000
trusted library allocation
page read and write
580E000
trusted library allocation
page read and write
5CFB000
trusted library allocation
page read and write
5763000
trusted library allocation
page read and write
57E1000
trusted library allocation
page read and write
5DF7000
trusted library allocation
page read and write
3FBF000
stack
page read and write
575F000
trusted library allocation
page read and write
57D0000
trusted library allocation
page read and write
5757000
trusted library allocation
page read and write
57D0000
trusted library allocation
page read and write
5C3E000
trusted library allocation
page read and write
5CA1000
trusted library allocation
page read and write
57E1000
trusted library allocation
page read and write
5B68000
trusted library allocation
page read and write
9F2000
heap
page read and write
5771000
trusted library allocation
page read and write
5763000
trusted library allocation
page read and write
5767000
trusted library allocation
page read and write
A76000
heap
page read and write
5B6A000
trusted library allocation
page read and write
56E7000
trusted library allocation
page read and write
5B62000
trusted library allocation
page read and write
56E9000
trusted library allocation
page read and write
990000
direct allocation
page read and write
56C7000
trusted library allocation
page read and write
57E1000
trusted library allocation
page read and write
397F000
stack
page read and write
5C9E000
trusted library allocation
page read and write
56CF000
trusted library allocation
page read and write
5210000
remote allocation
page read and write
4BBD000
stack
page read and write
782E000
stack
page read and write
56E7000
trusted library allocation
page read and write
5B66000
trusted library allocation
page read and write
56D1000
trusted library allocation
page read and write
373E000
stack
page read and write
4D20000
direct allocation
page execute and read and write
A8F000
heap
page read and write
5B66000
trusted library allocation
page read and write
8250000
trusted library allocation
page read and write
575E000
trusted library allocation
page read and write
7FA0000
direct allocation
page read and write
5B66000
trusted library allocation
page read and write
5715000
trusted library allocation
page read and write
5C85000
trusted library allocation
page read and write
56ED000
trusted library allocation
page read and write
4D79000
trusted library allocation
page read and write
5C67000
trusted library allocation
page read and write
59FE000
trusted library allocation
page read and write
4741000
heap
page read and write
2E7E000
stack
page read and write
5757000
trusted library allocation
page read and write
5CEB000
trusted library allocation
page read and write
5C20000
trusted library allocation
page read and write
5C80000
trusted library allocation
page read and write
5753000
trusted library allocation
page read and write
5A96000
trusted library allocation
page read and write
77EF000
stack
page read and write
54B0000
heap
page read and write
2BFE000
stack
page read and write
5CBB000
trusted library allocation
page read and write
5CDE000
trusted library allocation
page read and write
575D000
trusted library allocation
page read and write
5C77000
trusted library allocation
page read and write
34BE000
stack
page read and write
57F7000
trusted library allocation
page read and write
4740000
heap
page read and write
56CE000
trusted library allocation
page read and write
5B6A000
trusted library allocation
page read and write
1070000
unkown
page execute and write copy
570E000
trusted library allocation
page read and write
57C1000
trusted library allocation
page read and write
5C4D000
trusted library allocation
page read and write
5B6B000
trusted library allocation
page read and write
580E000
trusted library allocation
page read and write
990000
direct allocation
page read and write
5707000
trusted library allocation
page read and write
A81000
heap
page read and write
580E000
trusted library allocation
page read and write
5756000
trusted library allocation
page read and write
580E000
trusted library allocation
page read and write
56E4000
trusted library allocation
page read and write
5CB2000
trusted library allocation
page read and write
8330000
trusted library allocation
page read and write
575F000
trusted library allocation
page read and write
CD7000
heap
page read and write
5765000
trusted library allocation
page read and write
57C8000
trusted library allocation
page read and write
990000
direct allocation
page read and write
DB5000
unkown
page execute and read and write
CD0000
heap
page read and write
5D9E000
stack
page read and write
120E000
unkown
page execute and write copy
573E000
trusted library allocation
page read and write
7FA0000
direct allocation
page read and write
57D0000
trusted library allocation
page read and write
56C7000
trusted library allocation
page read and write
990000
direct allocation
page read and write
5C9F000
trusted library allocation
page read and write
4D30000
direct allocation
page execute and read and write
7FA0000
direct allocation
page read and write
4741000
heap
page read and write
57EF000
trusted library allocation
page read and write
7E6E000
stack
page read and write
5B6B000
trusted library allocation
page read and write
639C000
trusted library allocation
page execute and read and write
5B70000
trusted library allocation
page read and write
4D40000
direct allocation
page execute and read and write
4741000
heap
page read and write
5B6E000
trusted library allocation
page read and write
60E0000
trusted library allocation
page read and write
56F1000
trusted library allocation
page read and write
71EE000
stack
page read and write
473F000
stack
page read and write
5772000
trusted library allocation
page read and write
5B64000
trusted library allocation
page read and write
A66000
heap
page read and write
990000
direct allocation
page read and write
75AE000
stack
page read and write
56F8000
trusted library allocation
page read and write
5757000
trusted library allocation
page read and write
65AF000
stack
page read and write
5B65000
trusted library allocation
page read and write
A1F000
heap
page read and write
76EE000
stack
page read and write
5E27000
trusted library allocation
page read and write
5753000
trusted library allocation
page read and write
60CB000
trusted library allocation
page read and write
6CEE000
stack
page read and write
44FE000
stack
page read and write
5B65000
trusted library allocation
page read and write
5C30000
trusted library allocation
page read and write
5C4D000
trusted library allocation
page read and write
56C1000
trusted library allocation
page read and write
35FE000
stack
page read and write
57D0000
trusted library allocation
page read and write
5758000
trusted library allocation
page read and write
50AF000
stack
page read and write
5B64000
trusted library allocation
page read and write
5D2C000
trusted library allocation
page read and write
3ABF000
stack
page read and write
57E9000
trusted library allocation
page read and write
2F7F000
stack
page read and write
6277000
trusted library allocation
page execute and read and write
A86000
heap
page read and write
5757000
trusted library allocation
page read and write
5B61000
trusted library allocation
page read and write
580E000
trusted library allocation
page read and write
57D9000
trusted library allocation
page read and write
580E000
trusted library allocation
page read and write
5B64000
trusted library allocation
page read and write
5772000
trusted library allocation
page read and write
575F000
trusted library allocation
page read and write
5A4B000
stack
page read and write
7FA0000
direct allocation
page read and write
7BEE000
stack
page read and write
5B65000
trusted library allocation
page read and write
573C000
trusted library allocation
page read and write
7FD0000
trusted library allocation
page read and write
A92000
heap
page read and write
7FA0000
direct allocation
page read and write
A8D000
heap
page read and write
A81000
heap
page read and write
5B71000
trusted library allocation
page read and write
5C66000
trusted library allocation
page read and write
6A6E000
stack
page read and write
57D0000
trusted library allocation
page read and write
8332000
trusted library allocation
page read and write
5E1E000
stack
page read and write
7F80000
direct allocation
page read and write
5CE0000
trusted library allocation
page read and write
56C1000
trusted library allocation
page read and write
7FA0000
direct allocation
page read and write
5C5E000
trusted library allocation
page read and write
57C8000
trusted library allocation
page read and write
56C5000
trusted library allocation
page read and write
2CFF000
stack
page read and write
5C8E000
trusted library allocation
page read and write
5C55000
trusted library allocation
page read and write
56CD000
trusted library allocation
page read and write
5C71000
trusted library allocation
page read and write
5B6F000
trusted library allocation
page read and write
31FF000
stack
page read and write
5D5F000
stack
page read and write
5B63000
trusted library allocation
page read and write
5C19000
trusted library allocation
page read and write
4D30000
direct allocation
page execute and read and write
5B61000
trusted library allocation
page read and write
DC8000
unkown
page execute and read and write
A86000
heap
page read and write
5B65000
trusted library allocation
page read and write
5B6A000
trusted library allocation
page read and write
5C2A000
trusted library allocation
page read and write
56C0000
trusted library allocation
page read and write
59CD000
trusted library allocation
page read and write
5753000
trusted library allocation
page read and write
5B68000
trusted library allocation
page read and write
5A9E000
trusted library allocation
page read and write
56DF000
trusted library allocation
page read and write
5B66000
trusted library allocation
page read and write
576B000
trusted library allocation
page read and write
7F6F000
stack
page read and write
5D4D000
trusted library allocation
page read and write
A8C000
heap
page read and write
4741000
heap
page read and write
5B69000
trusted library allocation
page read and write
57F9000
trusted library allocation
page read and write
4D30000
direct allocation
page execute and read and write
5B68000
trusted library allocation
page read and write
5701000
trusted library allocation
page read and write
4C04000
direct allocation
page read and write
576C000
trusted library allocation
page read and write
5772000
trusted library allocation
page read and write
5C87000
trusted library allocation
page read and write
59E6000
trusted library allocation
page read and write
56BE000
stack
page read and write
5715000
trusted library allocation
page read and write
5755000
trusted library allocation
page read and write
5CB0000
trusted library allocation
page read and write
5794000
trusted library allocation
page read and write
57EA000
trusted library allocation
page read and write
4BFC000
stack
page read and write
5DD1000
trusted library allocation
page read and write
57C8000
trusted library allocation
page read and write
6CAF000
stack
page read and write
57E1000
trusted library allocation
page read and write
7FA0000
direct allocation
page read and write
67AF000
stack
page read and write
545E000
stack
page read and write
87DE000
stack
page read and write
5757000
trusted library allocation
page read and write
5767000
trusted library allocation
page read and write
5758000
trusted library allocation
page read and write
57E1000
trusted library allocation
page read and write
990000
direct allocation
page read and write
5CAE000
trusted library allocation
page read and write
5CF9000
trusted library allocation
page read and write
590A000
trusted library allocation
page read and write
4D60000
direct allocation
page execute and read and write
549A000
stack
page read and write
990000
direct allocation
page read and write
792F000
stack
page read and write
5C0A000
trusted library allocation
page read and write
57F7000
trusted library allocation
page read and write
5C55000
trusted library allocation
page read and write
6A2F000
stack
page read and write
56F6000
trusted library allocation
page read and write
A92000
heap
page read and write
4741000
heap
page read and write
2E3F000
stack
page read and write
5B6B000
trusted library allocation
page read and write
5B63000
trusted library allocation
page read and write
4B80000
trusted library allocation
page read and write
57F4000
trusted library allocation
page read and write
5A6E000
trusted library allocation
page read and write
413E000
stack
page read and write
5C22000
trusted library allocation
page read and write
5B6F000
trusted library allocation
page read and write
30FE000
stack
page read and write
323E000
stack
page read and write
53EE000
stack
page read and write
57E1000
trusted library allocation
page read and write
5C3B000
trusted library allocation
page read and write
A97000
heap
page read and write
67EE000
stack
page read and write
56F2000
trusted library allocation
page read and write
57D0000
trusted library allocation
page read and write
5C69000
trusted library allocation
page read and write
5816000
trusted library allocation
page read and write
5757000
trusted library allocation
page read and write
5B6C000
trusted library allocation
page read and write
5717000
trusted library allocation
page read and write
57C3000
trusted library allocation
page read and write
57F9000
trusted library allocation
page read and write
5B6C000
trusted library allocation
page read and write
4741000
heap
page read and write
70AE000
stack
page read and write
56F0000
trusted library allocation
page read and write
7BAF000
stack
page read and write
D70000
unkown
page read and write
59C5000
trusted library allocation
page read and write
383F000
stack
page read and write
3BFF000
stack
page read and write
2FBE000
stack
page read and write
A6D000
heap
page read and write
5DBE000
trusted library allocation
page read and write
423F000
stack
page read and write
D60000
direct allocation
page read and write
5B61000
trusted library allocation
page read and write
There are 813 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=file.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0