IOC Report
Lic.exe


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Lic.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | malicious |
| C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Lic.exe.log | CSV text | dropped | malicious |
| C:\Users\user\AppData\Local\Temp\9d157fef-9d80-4c40-8e32-b40db35317cb\AgileDotNetRT64.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\Lic.exe | "C:\Users\user\Desktop\Lic.exe" | malicious |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://#/SCClientPing.php#Invalid | unknown | |

Memdumps
