IOC Report
malo.zip


Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Windows\System32\rundll32.exe | C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding | |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
| --- | --- | --- | --- |
| DC7047F000 | stack | page read and write | |
| 2C6FB6E5000 | heap | page read and write | |
| DC701AE000 | stack | page read and write | |
| 2C6FB5A0000 | heap | page read and write | |
| 2C6FB3A0000 | heap | page read and write | |
| DC700AC000 | stack | page read and write | |
| 2C6FB3A8000 | heap | page read and write | |
| 2C6FB4A0000 | heap | page read and write | |
| 2C6FB620000 | heap | page read and write | |
| DC7012E000 | stack | page read and write | |
| 2C6FB6E0000 | heap | page read and write | |
| 2C6FB580000 | heap | page read and write | |