Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Users\user\Desktop\j1gw88aHdL.exe

"C:\Users\user\Desktop\j1gw88aHdL.exe"

Details

Is windows:	false
Is dropped:	false
PID:	7428
Target ID:	0
Parent PID:	4056
Name:	j1gw88aHdL.exe
Path:	C:\Users\user\Desktop\j1gw88aHdL.exe
Commandline:	"C:\Users\user\Desktop\j1gw88aHdL.exe"
Size:	17226969
MD5:	FD682A2C1ED42403A8E943010F660F79
Time:	08:14:21
Date:	26/12/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff7d4bf0000
Modulesize:	360448
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for submitted file	AV Detection
PE file has an executable .text section and no other executable section	System Summary
Sample is known by Antivirus	System Summary
Sample reads its own file content	System Summary
PE file contains a valid data directory to section mapping	System Summary
PE file contains a debug data directory	System Summary
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary
PE file contains a mix of data directories often seen in goodware	System Summary
PE file has a high image base, often used for DLLs	System Summary
Submission file is bigger than most known malware samples	System Summary

Memdumps

Base Address

Regiontype

Protect

Malicious

2B84BED5000

heap

page read and write

2B84BEDC000

heap

page read and write

2B84BED8000

heap

page read and write

7FF7D4C34000

unkown

page readonly

2B84BECF000

heap

page read and write

2B84BEB8000

heap

page read and write

7FF7D4C2E000

unkown

page read and write

FB177CD000

stack

page read and write

7FF7D4BF1000

unkown

page execute read

2B84D870000

heap

page read and write

7FF7D4C2E000

unkown

page write copy

7FF7D4BF1000

unkown

page execute read

2B84BECF000

heap

page read and write

2B84BEB0000

heap

page read and write

FB173E6000

stack

page read and write

2B84D760000

heap

page read and write

2B84BED8000

heap

page read and write

2B84BE50000

heap

page read and write

FB179BF000

stack

page read and write

2B84BEE3000

heap

page read and write

FB175DE000

stack

page read and write

7FF7D4BF0000

unkown

page readonly

2B84D7D3000

heap

page read and write

7FF7D4C32000

unkown

page read and write

2B84BEE9000

heap

page read and write

2B84D86A000

heap

page read and write

2B84BE20000

heap

page read and write

2B84BED8000

heap

page read and write

2B84BEDD000

heap

page read and write

2B84D860000

heap

page read and write

7FF7D4C1B000

unkown

page readonly

2B84BD40000

heap

page read and write

7FF7D4C1B000

unkown

page readonly

2B84D7D0000

heap

page read and write

7FF7D4C34000

unkown

page readonly

7FF7D4BF0000

unkown

page readonly

2B84BECC000

heap

page read and write

2B84D865000

heap

page read and write

2B8508B0000

trusted library allocation

page read and write

There are 29 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
j1gw88aHdL.exe

Processes

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportj1gw88aHdL.exe

Processes

Memdumps

IOC Report
j1gw88aHdL.exe