IOC Report
LummaC2.exe


Processes

Path: C:\Users\user\Desktop\LummaC2.exe
Cmdline: "C:\Users\user\Desktop\LummaC2.exe"
Malicious: malicious

URLs

Name
IP
Malicious

Memdumps

Base Address
Regiontype
Protect
Malicious
Download