IOC Report
MT Eagle Asia 11.exe


Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\MT Eagle Asia 11.exe | "C:\Users\user\Desktop\MT Eagle Asia 11.exe" | malicious |
| C:\Users\user\Desktop\MT Eagle Asia 11.exe | "C:\Users\user\Desktop\MT Eagle Asia 11.exe" | malicious |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| https://reallyfreegeoip.org | unknown | |
| http://checkip.dyndns.org | unknown | |
| http://checkip.dyndns.org/ | 193.122.130.0 | |
| https://reallyfreegeoip.org/xml/8.46.123.189 | 104.21.67.152 | |
| http://checkip.dyndns.com | unknown | |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | unknown | |
| http://checkip.dyndns.org/q | unknown | |
| https://reallyfreegeoip.org/xml/8.46.123.189$ | unknown | |
| http://reallyfreegeoip.org | unknown | |
| https://reallyfreegeoip.org/xml/ | unknown | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| reallyfreegeoip.org | 104.21.67.152 | |
| checkip.dyndns.com | 193.122.130.0 | |
| checkip.dyndns.org | unknown | |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 104.21.67.152 | reallyfreegeoip.org | United States | |
| 193.122.130.0 | checkip.dyndns.com | United States | |

Registry

| Path | Value | Malicious |
| --- | --- | --- |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | EnableFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | EnableAutoFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | FileTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | ConsoleTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | MaxFileSize | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | FileDirectory | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | EnableFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | EnableAutoFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | FileTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | ConsoleTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | MaxFileSize | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | FileDirectory | |

Memdumps
