IOC Report
download.js

loading gif

Processes

Path
Cmdline
Malicious
C:\Windows\System32\wscript.exe
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\download.js"
malicious

Domains

Name
IP
Malicious
fp2e7a.wpc.phicdn.net
192.229.221.95

Memdumps

Base Address
Regiontype
Protect
Malicious
252FD5F0000
heap
page read and write
252FD608000
heap
page read and write
252FD64C000
heap
page read and write
252FD680000
heap
page read and write
252FD6A1000
heap
page read and write
252FD6A0000
heap
page read and write
252FD61D000
heap
page read and write
549A6FD000
stack
page read and write
252FD673000
heap
page read and write
252FD635000
heap
page read and write
252FF1E0000
heap
page read and write
252FD6A0000
heap
page read and write
549A8FE000
stack
page read and write
252FD6A0000
heap
page read and write
252FF1E4000
heap
page read and write
549A4FA000
stack
page read and write
252FD88C000
heap
page read and write
252FD7F0000
heap
page read and write
252FD684000
heap
page read and write
252FD680000
heap
page read and write
252FD68C000
heap
page read and write
252FD684000
heap
page read and write
252FD673000
heap
page read and write
252FD62C000
heap
page read and write
252FD6A0000
heap
page read and write
252FD67C000
heap
page read and write
252FD67C000
heap
page read and write
252FD680000
heap
page read and write
252FD684000
heap
page read and write
549A5FE000
stack
page read and write
252FD680000
heap
page read and write
252FD6A7000
heap
page read and write
252FD67C000
heap
page read and write
252FD677000
heap
page read and write
252FD684000
heap
page read and write
252FD880000
heap
page read and write
252FD64C000
heap
page read and write
252FD642000
heap
page read and write
549A9FE000
stack
page read and write
25281260000
trusted library allocation
page read and write
252FD6A7000
heap
page read and write
252FD661000
heap
page read and write
252FD684000
heap
page read and write
252FD673000
heap
page read and write
252FD622000
heap
page read and write
252FD885000
heap
page read and write
252FD680000
heap
page read and write
252FD622000
heap
page read and write
252FD657000
heap
page read and write
252FD678000
heap
page read and write
549ABFF000
stack
page read and write
252FD6A0000
heap
page read and write
252FD67C000
heap
page read and write
252FD64C000
heap
page read and write
252FD684000
heap
page read and write
252FD600000
heap
page read and write
252FD673000
heap
page read and write
252FD62B000
heap
page read and write
252FD63F000
heap
page read and write
252FD680000
heap
page read and write
252FD636000
heap
page read and write
252FD6A0000
heap
page read and write
252FD7D0000
heap
page read and write
252FD67C000
heap
page read and write
252FD640000
heap
page read and write
252FF170000
heap
page read and write
252FD686000
heap
page read and write
252FD62C000
heap
page read and write
252FD685000
heap
page read and write
549AAFE000
stack
page read and write
252FD62C000
heap
page read and write
252FD6A0000
heap
page read and write
252FD67C000
heap
page read and write
252FF530000
heap
page read and write
There are 64 hidden memdumps, click here to show them.