IOC Report
New v2.2.0.exe


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| New v2.2.0.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | malicious |
| C:\Users\user\AppData\Local\Temp\528993\Mtv.com | PE32 executable (GUI) Intel 80386, for MS Windows | modified | malicious |
| C:\Users\user\AppData\Local\Temp\528993\r | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Albuquerque | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Ali | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Architect | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Bookmarks | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Cancelled | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Dancing | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Electron | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Excellence | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Excluding | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Favorites | Microsoft Cabinet archive data, 489438 bytes, 11 files, at 0x2c +A "Ali" +A "Sept", ID 8003, number 1, 29 datablocks, 0x1 compression | dropped | |
| C:\Users\user\AppData\Local\Temp\Hd | ASCII text, with very long lines (672), with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\Hd.cmd | ASCII text, with very long lines (672), with CRLF line terminators | dropped | |
| C:\Users\user\AppData\Local\Temp\Interact | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Iso | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Nashville | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Need | OpenPGP Public Key | dropped | |
| C:\Users\user\AppData\Local\Temp\Oral | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Peak | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Represents | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Sept | data | dropped | |
| C:\Users\user\AppData\Local\Temp\Sexually | data | dropped | |

14 further files are not shown in this report.

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\New v2.2.0.exe | "C:\Users\user\Desktop\New v2.2.0.exe" | malicious |
| C:\Windows\SysWOW64\cmd.exe | "C:\Windows\System32\cmd.exe" /c copy Hd Hd.cmd & Hd.cmd | malicious |
| C:\Windows\SysWOW64\findstr.exe | findstr /I "opssvc wrsa" | malicious |
| C:\Windows\SysWOW64\findstr.exe | findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" | malicious |
| C:\Windows\SysWOW64\cmd.exe | cmd /c md 528993 | malicious |
| C:\Windows\SysWOW64\findstr.exe | findstr /V "Armed" Interact | malicious |
| C:\Windows\SysWOW64\cmd.exe | cmd /c copy /b 528993\Mtv.com + Nashville + Ali + Sept + Electron + Represents + Peak + Architect + Cancelled + Iso + Albuquerque 528993\Mtv.com | malicious |
| C:\Windows\SysWOW64\cmd.exe | cmd /c copy /b ..\Excellence + ..\Need + ..\Bookmarks + ..\Excluding + ..\Oral + ..\Sexually + ..\Dancing r | malicious |
| C:\Users\user\AppData\Local\Temp\528993\Mtv.com | Mtv.com r | malicious |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\SysWOW64\tasklist.exe | tasklist | |
| C:\Windows\SysWOW64\tasklist.exe | tasklist | |
| C:\Windows\SysWOW64\extrac32.exe | extrac32 /Y /E Favorites | |
| C:\Windows\SysWOW64\choice.exe | choice /d y /t 5 | |

4 further processes are not shown in this report.

URLs

| Name | IP | Malicious |
|---|---|---|
| https://guardeduppe.com/api | 188.114.97.3 | malicious |
| http://www.autoitscript.com/autoit3/X | unknown | |
| http://nsis.sf.net/NSIS_ErrorError | unknown | |
| https://www.autoitscript.com/autoit3/ | unknown | |

Domains

| Name | IP | Malicious |
|---|---|---|
| guardeduppe.com | 188.114.97.3 | malicious |
| languageslearning.click | unknown | |
| mTMkcxvkIwxptIgILJhhdWlcBBr.mTMkcxvkIwxptIgILJhhdWlcBBr | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 188.114.97.3 | guardeduppe.com | European Union | malicious |

Memdumps
