IOC Report
XClient.exe


Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\XClient.exe | "C:\Users\user\Desktop\XClient.exe" | malicious |

URLs

Name
IP
Malicious
45.32.153.7
malicious
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
127.0.0.1

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 45.32.153.7 | unknown | United States | malicious |
| 127.0.0.1 | unknown | unknown | malicious |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
|---|---|---|---|
| 2501000 | trusted library allocation | page read and write | malicious |
| 1D2000 | unkown | page readonly | malicious |