Automated Malware Analysis IOC Report for

Files

File Path

Type

Category

Malicious

Download

REQUEST FOR QUOTATION AND CONTRACT.exe

PE32 executable (GUI) Intel 80386, for MS Windows

initial sample

Details

Filetype:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	7.168069093913941
Filename:	REQUEST FOR QUOTATION AND CONTRACT.exe
Filesize:	1188352
MD5:	056a24804eb461179d5ba23e0cab23c5
SHA1:	ffb017f238ad29af62690cdf8fd0cda5b57801b9
SHA256:	754db6298c3585bfd87e37874921efc2c7521c60c4c325bf4c655062fd1dae73
SHA512:	fe8e4d3258658798b0696d2fcf99e15eeaffd972b6fcbfe8fd2ba3956b5f8f1fcdd31590c83251e7883aa4983deca2d0d2ed2839ead079a694f2685b507f0e45
SSDEEP:	24576:4u6Jx3O0c+JY5UZ+XC0kGso/WaZeMIJJUGMIFB7QO9WY:yI0c++OCvkGsUWaZRwVX7QPY
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6...r}..r}..r}..4,".p}......s}.../..A}.../#..}.../".G}..{.@.{}..{.P.W}..r}..R.....)."}......s}.../..s}..r}T.s}......s}..Richr}.

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for submitted file	AV Detection	Disable or Modify Tools
Binary is likely a compiled AutoIt script file	System Summary
Maps a DLL or memory area into another process	HIPS / PFW / Operating System Protection Evasion	Process Injection Disable or Modify Tools
Switches to a custom stack to bypass stack traces	Malware Analysis System Evasion	Security Software Discovery
Writes to foreign memory regions	HIPS / PFW / Operating System Protection Evasion	Disable or Modify Tools
Contains functionality for read data from the clipboard	Key, Mouse, Clipboard, Microphone and Screen Capturing	Clipboard Data
Contains functionality to block mouse and keyboard input (often used to hinder debugging)	Anti Debugging	Disable or Modify Tools
Contains functionality to check if a debugger is running (IsDebuggerPresent)	Anti Debugging
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)	Anti Debugging
Contains functionality to check if a window is minimized (may be used to check if an application is visible)	Hooking and other Techniques for Hiding and Protection	Application Window Discovery
Contains functionality to communicate with device drivers	System Summary
Contains functionality to dynamically determine API calls	Data Obfuscation, Anti Debugging
Contains functionality to execute programs as a different user	HIPS / PFW / Operating System Protection Evasion	Valid Accounts Access Token Manipulation Disable or Modify Tools
Contains functionality to launch a process as a different user	System Summary
Contains functionality to launch a program with higher privileges	HIPS / PFW / Operating System Protection Evasion	Exploitation for Privilege Escalation
Contains functionality to modify clipboard data	Key, Mouse, Clipboard, Microphone and Screen Capturing
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)	Remote Access Functionality
Contains functionality to query CPU information (cpuid)	Language, Device and Operating System Detection	Disable or Modify Tools
Contains functionality to read the PEB	Anti Debugging
Contains functionality to read the clipboard data	Key, Mouse, Clipboard, Microphone and Screen Capturing	Disable or Modify Tools
Contains functionality to retrieve information about pressed keystrokes	Key, Mouse, Clipboard, Microphone and Screen Capturing
Contains functionality to shutdown / reboot the system	System Summary	System Shutdown/Reboot
Contains functionality to simulate keystroke presses	HIPS / PFW / Operating System Protection Evasion
Contains functionality to simulate mouse events	HIPS / PFW / Operating System Protection Evasion
Contains functionality which may be used to detect a debugger (GetProcessHeap)	Anti Debugging
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Disable or Modify Tools
Detected potential crypto function	System Summary	System Time Discovery Archive Collected Data Encrypted Channel
Extensive use of GetProcAddress (often used to hide API calls)	Hooking and other Techniques for Hiding and Protection
Found evasive API chain (date check)	Malware Analysis System Evasion	Native API
Found large amount of non-executed APIs	Malware Analysis System Evasion	System Time Discovery
OS version to string mapping found (often used in BOTs)	Stealing of Sensitive Information	Disable or Modify Tools System Shutdown/Reboot
Potential key logger detected (key state polling based)	Key, Mouse, Clipboard, Microphone and Screen Capturing	Disable or Modify Tools Input Capture
Sample file is different than original file name gathered from version info	System Summary	System Shutdown/Reboot
Uses 32bit PE files	Compliance, System Summary	Disable or Modify Tools
Uses code obfuscation techniques (call, push, ret)	Data Obfuscation
Contains functionality for error logging	System Summary	Disable or Modify Tools
Contains functionality to add an ACL to a security descriptor	HIPS / PFW / Operating System Protection Evasion
Contains functionality to adjust token privileges (e.g. debug / backup)	System Summary
Contains functionality to check free disk space	System Summary
Contains functionality to create a new security descriptor	HIPS / PFW / Operating System Protection Evasion
Contains functionality to download additional files from the internet	Networking
Contains functionality to enum processes or threads	System Summary
Contains functionality to enumerate / list files inside a directory	Spreading, Malware Analysis System Evasion
Contains functionality to instantiate COM classes	System Summary
Contains functionality to load and extract PE file embedded resources	System Summary
Contains functionality to query local / system time	Language, Device and Operating System Detection
Contains functionality to query system information	Malware Analysis System Evasion
Contains functionality to query the account / user name	Language, Device and Operating System Detection	Account Discovery System Owner/User Discovery
Contains functionality to query time zone information	Language, Device and Operating System Detection	System Time Discovery
Contains functionality to query windows version	Language, Device and Operating System Detection
Contains functionality to register its own exception handler	Anti Debugging
Creates temporary files	System Summary
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection	Disable or Modify Tools
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Discovery
PE file has an executable .text section and no other executable section	System Summary
Program exit points	Malware Analysis System Evasion	Disable or Modify Tools
Reads software policies	System Summary
Sample is known by Antivirus	System Summary	Disable or Modify Tools
Tries to load missing DLLs	System Summary	DLL Side-Loading Disable or Modify Tools
PE file contains a valid data directory to section mapping	System Summary
PE file contains a debug data directory	System Summary
PE file contains a mix of data directories often seen in goodware	System Summary
Submission file is bigger than most known malware samples	System Summary	Disable or Modify Tools

C:\Users\user\AppData\Local\Temp\aut5848.tmp

data

dropped

Details

File:	C:\Users\user\AppData\Local\Temp\aut5848.tmp
Category:	dropped
Dump:	aut5848.tmp.0.dr
ID:	dr_0
Target ID:	0
Process:	C:\Users\user\Desktop\REQUEST FOR QUOTATION AND CONTRACT.exe
Type:	data
Entropy:	7.992951170099305
Encrypted:	true
Ssdeep:	6144:QXwG10jUR5wYDQB89vb2+7rdhXpdi8Yd3WYsAKzIQFbx1d:UWjURi3B2/Vvdi5d6AKcEx1d
Size:	288256
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Creates temporary files	System Summary

C:\Users\user\AppData\Local\Temp\e2ZZ3BBL

SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8

dropped

Details

File:	C:\Users\user\AppData\Local\Temp\e2ZZ3BBL
Category:	dropped
Dump:	e2ZZ3BBL.4.dr
ID:	dr_2
Target ID:	4
Process:	C:\Windows\SysWOW64\rasdial.exe
Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
Entropy:	1.121157754129249
Encrypted:	false
Ssdeep:	192:72qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8wH0hL3kWieF:72qOB1nxCkvSAELyKOMq+8wH0hLUZs
Size:	196608
Whitelisted:	false
Reputation:	moderate

C:\Users\user\AppData\Local\Temp\niellists

data

dropped

Details

File:	C:\Users\user\AppData\Local\Temp\niellists
Category:	dropped
Dump:	niellists.0.dr
ID:	dr_1
Target ID:	0
Process:	C:\Users\user\Desktop\REQUEST FOR QUOTATION AND CONTRACT.exe
Type:	data
Entropy:	7.992951170099305
Encrypted:	true
Ssdeep:	6144:QXwG10jUR5wYDQB89vb2+7rdhXpdi8Yd3WYsAKzIQFbx1d:UWjURi3B2/Vvdi5d6AKcEx1d
Size:	288256
Whitelisted:	false
Reputation:	low

Processes

Path

Cmdline

Malicious

C:\Users\user\Desktop\REQUEST FOR QUOTATION AND CONTRACT.exe

"C:\Users\user\Desktop\REQUEST FOR QUOTATION AND CONTRACT.exe"

Details

Is windows:	false
Is dropped:	false
PID:	7096
Target ID:	0
Parent PID:	2528
Name:	REQUEST FOR QUOTATION AND CONTRACT.exe
Path:	C:\Users\user\Desktop\REQUEST FOR QUOTATION AND CONTRACT.exe
Commandline:	"C:\Users\user\Desktop\REQUEST FOR QUOTATION AND CONTRACT.exe"
Size:	1188352
MD5:	056A24804EB461179D5BA23E0CAB23C5
Time:	06:34:11
Date:	27/03/2025
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x270000
Modulesize:	1216512
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for submitted file	AV Detection
Binary is likely a compiled AutoIt script file	System Summary
Initial sample is a PE file and has a suspicious name	System Summary
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
OS version to string mapping found (often used in BOTs)	Stealing of Sensitive Information
Sample file is different than original file name gathered from version info	System Summary
Sigma detected: Uncommon Svchost Parent Process	System Summary
Uses 32bit PE files	Compliance, System Summary
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery
PE file has an executable .text section and no other executable section	System Summary
Sample is known by Antivirus	System Summary
Sigma detected: Windows Processes Suspicious Parent Directory	System Summary
Spawns processes	System Summary	Process Injection
PE file contains a valid data directory to section mapping	System Summary
Binary contains paths to debug symbols	Compliance, System Summary
PE file contains a debug data directory	System Summary
PE file contains a mix of data directories often seen in goodware	System Summary
Submission file is bigger than most known malware samples	System Summary

C:\Windows\SysWOW64\svchost.exe

"C:\Users\user\Desktop\REQUEST FOR QUOTATION AND CONTRACT.exe"

Details

Is windows:	true
Is dropped:	false
PID:	7160
Target ID:	2
Parent PID:	7096
Name:	svchost.exe
Path:	C:\Windows\SysWOW64\svchost.exe
Commandline:	"C:\Users\user\Desktop\REQUEST FOR QUOTATION AND CONTRACT.exe"
Size:	46504
MD5:	1ED18311E3DA35942DB37D15FA40CC5B
Time:	06:34:13
Date:	27/03/2025
Reason:	newprocess
Reputation:	high
Is admin:	true
Is elevated:	true
Modulebase:	0x710000
Modulesize:	53248
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Maps a DLL or memory area into another process	HIPS / PFW / Operating System Protection Evasion	Process Injection
Writes to foreign memory regions	HIPS / PFW / Operating System Protection Evasion	Process Injection
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Sigma detected: Uncommon Svchost Parent Process	System Summary
Sigma detected: Windows Processes Suspicious Parent Directory	System Summary
Spawns processes	System Summary	Process Injection
Binary contains paths to debug symbols	Compliance, System Summary

C:\Program Files (x86)\fGYfmdfMqqbolZIWJmZkcskeEDOODutqzYpuKbGxgUTdxWKdWgGvlXHiIRuGkWMhzptsgFaFiK\0ap7WEMogFSupW0ZiDzRhyC.exe

"C:\Program Files (x86)\fGYfmdfMqqbolZIWJmZkcskeEDOODutqzYpuKbGxgUTdxWKdWgGvlXHiIRuGkWMhzptsgFaFiK\6sNiSbauyoTufv.exe"

Details

Is windows:	true
Is dropped:	false
PID:	892
Target ID:	3
Parent PID:	7160
Name:	0ap7WEMogFSupW0ZiDzRhyC.exe
Path:	C:\Program Files (x86)\fGYfmdfMqqbolZIWJmZkcskeEDOODutqzYpuKbGxgUTdxWKdWgGvlXHiIRuGkWMhzptsgFaFiK\0ap7WEMogFSupW0ZiDzRhyC.exe
Commandline:	"C:\Program Files (x86)\fGYfmdfMqqbolZIWJmZkcskeEDOODutqzYpuKbGxgUTdxWKdWgGvlXHiIRuGkWMhzptsgFaFiK\6sNiSbauyoTufv.exe"
Size:	143872
MD5:	9C98D1A23EFAF1B156A130CEA7D2EE3A
Time:	06:34:15
Date:	27/03/2025
Reason:	existingprocessinject
Reputation:	moderate
Is admin:	false
Is elevated:	false
Modulebase:	0x330000
Modulesize:	163840
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Maps a DLL or memory area into another process	HIPS / PFW / Operating System Protection Evasion	Process Injection
Queues an APC in another process (thread injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Sigma detected: Suspicious RASdial Activity	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

C:\Windows\SysWOW64\rasdial.exe

"C:\Windows\SysWOW64\rasdial.exe"

Details

Is windows:	true
Is dropped:	false
PID:	6232
Target ID:	4
Parent PID:	892
Name:	rasdial.exe
Path:	C:\Windows\SysWOW64\rasdial.exe
Commandline:	"C:\Windows\SysWOW64\rasdial.exe"
Size:	19456
MD5:	A280B0F42A83064C41CFFDC1CD35136E
Time:	06:34:17
Date:	27/03/2025
Reason:	newprocess
Reputation:	moderate
Is admin:	false
Is elevated:	false
Modulebase:	0x2d0000
Modulesize:	36864
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Maps a DLL or memory area into another process	HIPS / PFW / Operating System Protection Evasion	Process Injection
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Sigma detected: Suspicious RASdial Activity	System Summary
Spawns processes	System Summary	Process Injection
Binary contains paths to debug symbols	Compliance, System Summary

C:\Program Files (x86)\fGYfmdfMqqbolZIWJmZkcskeEDOODutqzYpuKbGxgUTdxWKdWgGvlXHiIRuGkWMhzptsgFaFiK\0ap7WEMogFSupW0ZiDzRhyC.exe

"C:\Program Files (x86)\fGYfmdfMqqbolZIWJmZkcskeEDOODutqzYpuKbGxgUTdxWKdWgGvlXHiIRuGkWMhzptsgFaFiK\OxY4dEkOLMzT.exe"

Details

Is windows:	true
Is dropped:	false
PID:	1472
Target ID:	7
Parent PID:	6232
Name:	0ap7WEMogFSupW0ZiDzRhyC.exe
Path:	C:\Program Files (x86)\fGYfmdfMqqbolZIWJmZkcskeEDOODutqzYpuKbGxgUTdxWKdWgGvlXHiIRuGkWMhzptsgFaFiK\0ap7WEMogFSupW0ZiDzRhyC.exe
Commandline:	"C:\Program Files (x86)\fGYfmdfMqqbolZIWJmZkcskeEDOODutqzYpuKbGxgUTdxWKdWgGvlXHiIRuGkWMhzptsgFaFiK\OxY4dEkOLMzT.exe"
Size:	143872
MD5:	9C98D1A23EFAF1B156A130CEA7D2EE3A
Time:	06:34:30
Date:	27/03/2025
Reason:	existingprocessinject
Reputation:	moderate
Is admin:	false
Is elevated:	false
Modulebase:	0x330000
Modulesize:	163840
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Maps a DLL or memory area into another process	HIPS / PFW / Operating System Protection Evasion	Process Injection
Queues an APC in another process (thread injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Sigma detected: Suspicious RASdial Activity	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\Firefox.exe"

Details

Is windows:	true
Is dropped:	false
PID:	6912
Target ID:	14
Parent PID:	6232
Name:	firefox.exe
Path:	C:\Program Files\Mozilla Firefox\firefox.exe
Commandline:	"C:\Program Files\Mozilla Firefox\Firefox.exe"
Size:	676768
MD5:	C86B1BE9ED6496FE0E0CBE73F81D8045
Time:	06:34:42
Date:	27/03/2025
Reason:	newprocess
Reputation:	high
Is admin:	false
Is elevated:	false
Modulebase:	0x7ff77fbd0000
Modulesize:	708608
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Maps a DLL or memory area into another process	HIPS / PFW / Operating System Protection Evasion	Process Injection
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Spawns processes	System Summary	Process Injection
Binary contains paths to debug symbols	Compliance, System Summary

URLs

Name

Malicious

http://www.malekenterprise.xyz/oxmr/

63.250.38.223

http://www.eatdaba.shop/alsx/

3.33.130.190

http://www.yard.chat/hhkr/?QB=CJnT-&ZpehBN=WRQ8nVzWgf/KQb0ffeL0NeJgxUU5jHqpE4F9OlCDBWcYmzOLcWNI7EIKhLkmTG4ytMpH6x968ud+WyJij7QLbOpGWHOYkPOjTS48FwN43EKZ0fXt0A==

76.223.54.146

http://www.xdoge.live/rqbc/?ZpehBN=5sg9WStJmed6VjME3Kfe64Nik1rgYAPNNF5Ls1M9hX3++qOsrt9497SUNUde2qgu72/qGY5naHSQYzut4RKpoGKhKMh1mw1U1fObDwtzHagcS7wPzQ==&QB=CJnT-

76.223.54.146

http://www.blogkart4u.xyz/apzq/

76.223.54.146

http://www.amzavy.info/fxbr/?ZpehBN=F/wA59/4/M9Nbi+sYUut4lw4PyasZ4+QWhvhIz395jUmn9BeNZ3e9xnfgjNBe04yuchCnwG0nupCHtnuD77Jv4X9Ow7jwO4jjjCnMiERC1QyZW2jrA==&QB=CJnT-

47.83.1.90

http://www.vibew.live/simb/

69.57.163.64

http://www.vibew.live/simb/?ZpehBN=YF5NZKfoWrUTagU3xipk95bNO3A2Uo0Yqz/jxfC4ZHk2x4S5thf0Fhq6ePlTgF/E3KWq/74v03hjGMiGQlMQlgqRSVNB+k0ipa4qEAxWa5IupdGzmw==&QB=CJnT-

69.57.163.64

http://www.eatdaba.shop/alsx/?ZpehBN=W7ZSZbLBqSBrvcVxsmXo5NeDybmSShEc+AeEz0V7qSLh5sg23ZZgawUM3DF8n0b743HC/wqdeXgx2Ge7ivufs6oqi0RnHJOl/hlQsp0lnP+kbwNOZQ==&QB=CJnT-

3.33.130.190

http://www.sld6.rest/q0rl/

172.67.178.107

http://www.345bet.xyz/4t2c/

52.20.84.62

http://www.thisisnonft.studio/7l8c/?QB=CJnT-&ZpehBN=2L5r1I0NkwgmoCkaXFUV7PCjqfXABYSQQmPr+mb88xsc18l5JsrN8P4na/1zovBp/q08i+U2Dq1Q+7aBg2wudku+7cHCZwVFZryYx4Z9hcjvy7qzUw==

217.160.0.236

http://www.xdoge.live/rqbc/

76.223.54.146

http://www.sld6.rest/q0rl/?ZpehBN=cjMLiUPNIEKJRugcD5ie306E1QcAw2RoM5jZ77MdzVxw4sbikGHVlnGZceJj7Lt12zvS9KA7LQu5CY7HsPt3d7w6fiTj527JUh+4SctA/mTUB+VicQ==&QB=CJnT-

172.67.178.107

http://www.345bet.xyz/4t2c/?ZpehBN=hOUZp5zhvvvboVHsfQWKoxRySvJL0REK4o7e+wZhZ0xEWil2dLuRW7oNpvvSf5mmi2LDrhOnXxJLvULiJeHGrVMf+X+ojo4UmwQDid7SRgEabCHN6g==&QB=CJnT-

52.20.84.62

http://www.nexusstakes.xyz/qzql/?ZpehBN=1LkUhi4a7IkQ9jN5SE68ok2t2v4YpBhduKl+VTPOyHOwFONU/ygYy8kuWHgEFU6GSVQFD0KX5tjH8ckyCf8HTKP0K4iZoqsJcPa4qOFVeqnKFUYpkQ==&QB=CJnT-

13.248.169.48

http://www.rumgdz.info/t4gy/

47.83.1.90

http://www.etkisigorta.net/2dt5/

213.142.151.128

http://www.thisisnonft.studio/7l8c/

217.160.0.236

http://www.publicblockchain.xyz/ttj6/

13.248.169.48

http://www.nexusstakes.xyz/qzql/

13.248.169.48

http://www.savposalore.shop/mc5z/

172.67.148.163

http://www.rumgdz.info/t4gy/?ZpehBN=tbIjJCDecWG72PJ5fm6b+cp9DyvLm3co3Sr9u1+1s+ZTVcHcO2iEE/p1jUnGhbn0RJW7nG3/a6NuIssH9vveDdZlt3tZ5d4A6uV/oWgUPdbW7rKTwg==&QB=CJnT-

47.83.1.90

http://www.etkisigorta.net/2dt5/?ZpehBN=4kbHOJ5UYllas5e2iij02JK+boi82emZWDKmHL0N5SGoT/v+gNuEoV69wccNvmLlBapPkisqolcfLKFoOywAfhff4BRlXS0LbTj65rXaS4I0MVZCMw==&QB=CJnT-

213.142.151.128

http://www.savposalore.shop/mc5z/?ZpehBN=NpqnvLA9EbuQt0iMwFu/oz6vB3ORQ00reOKN09MhZWvBSGGBRjAjVic3mvcr96DByWV4WVs8Iu37CuPERBjsvx/62eT8+z8YIBFNlFI4KsH8sfqhTw==&QB=CJnT-

172.67.148.163

http://www.blogkart4u.xyz/apzq/?QB=CJnT-&ZpehBN=au1daHn9wgKf20+4s5dbudIXdZzi7fKeXAClWCeNG3Sywxkl0XeeTL4ILw5N/PIPOKD1smdtPeAjU/QWU0zFx9c8VqthReAn4fQBDEkBbOjCxKU3QA==

76.223.54.146

http://www.amzavy.info/fxbr/

47.83.1.90

http://www.publicblockchain.xyz/ttj6/?ZpehBN=iF0RL9l91cg/r0ryQ96WkUNoN9S7LbfTbsX3VnFoQx5VcqP5rWYrT0esrSS4eYlVGZhUHSx68xLL+nijBbyUGcvmhT37i1fgR/gN2Lew/xW7frF2UQ==&QB=CJnT-

13.248.169.48

https://duckduckgo.com/ac/?q=

unknown

https://duckduckgo.com/?q=

unknown

https://ac.ecosia.org?q=

unknown

https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=

unknown

https://www.ecosia.org/newtab/v20

unknown

https://duckduckgo.com/chrome_newtabv20

unknown

https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search

unknown

https://mumhno.sld2.pics/q0rl/?ZpehBN=cjMLiUPNIEKJRugcD5ie306E1QcAw2RoM5jZ77MdzVxw4sbikGHVlnGZceJj7L

unknown

http://ibm-p8-kvm-03-guest-02.virt.pnr.lab.eng.rdu2.redhat.com/

unknown

https://www.xzylm.com

unknown

http://www.nexusstakes.xyz

unknown

https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=

unknown

https://gemini.google.com/app?q=

unknown

https://www.google.com/images/branding/product/ico/googleg_alldp

unknown

There are 32 hidden URLs, click here to show them.

Domains

Name

Malicious

malekenterprise.xyz

63.250.38.223

www.malekenterprise.xyz

unknown

www.savposalore.shop

172.67.148.163

www.thisisnonft.studio

217.160.0.236

eatdaba.shop

3.33.130.190

www.blogkart4u.xyz

76.223.54.146

www.sld6.rest

172.67.178.107

www.nexusstakes.xyz

13.248.169.48

www.rumgdz.info

47.83.1.90

www.amzavy.info

47.83.1.90

www.345bet.xyz

52.20.84.62

www.yard.chat

76.223.54.146

www.vibew.live

69.57.163.64

www.xdoge.live

76.223.54.146

etkisigorta.net

213.142.151.128

www.publicblockchain.xyz

13.248.169.48

www.etkisigorta.net

unknown

www.eatdaba.shop

unknown

www.keertdx.cloud

unknown

There are 9 hidden domains, click here to show them.

IPs

Domain

Country

Malicious

63.250.38.223

malekenterprise.xyz

United States

69.57.163.64

www.vibew.live

United States

52.20.84.62

www.345bet.xyz

United States

13.248.169.48

www.nexusstakes.xyz

United States

172.67.178.107

www.sld6.rest

United States

47.83.1.90

www.rumgdz.info

United States

76.223.54.146

www.blogkart4u.xyz

United States

217.160.0.236

www.thisisnonft.studio

Germany

3.33.130.190

eatdaba.shop

United States

213.142.151.128

etkisigorta.net

Turkey

172.67.148.163

www.savposalore.shop

United States

There are 1 hidden IPs, click here to show them.

Memdumps

Base Address

Regiontype

Protect

Malicious

Download

4D70000

system

page execute and read and write

3960000

unclassified section

page execute and read and write

2D00000

system

page execute and read and write

6A00000

unclassified section

page execute and read and write

5320000

unkown

page execute and read and write

4A00000

trusted library allocation

page read and write

30D0000

trusted library allocation

page read and write

400000

system

page execute and read and write

330000

unkown

page readonly

4901000

heap

page read and write

4BE7000

heap

page read and write

3213000

heap

page read and write

40C3000

direct allocation

page read and write

3FF0000

direct allocation

page read and write

346000

unkown

page read and write

3150000

heap

page read and write

6000000

unclassified section

page execute and read and write

3822000

unkown

page read and write

157B000

heap

page read and write

7946000

unclassified section

page execute and read and write

2570000

unkown

page readonly

32E000

unkown

page read and write

CFC000

stack

page read and write

432E000

direct allocation

page read and write

694C000

unclassified section

page read and write

40C3000

direct allocation

page read and write

42BD000

direct allocation

page read and write

3EA000

stack

page read and write

2EB6000

unkown

page read and write

2E77000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

21281EBF000

heap

page read and write

750000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

910000

unkown

page readonly

8F0000

unkown

page readonly

2F09000

heap

page read and write

1573000

heap

page read and write

730000

unkown

page readonly

4901000

heap

page read and write

3C2D000

direct allocation

page execute and read and write

1548000

heap

page read and write

7FB0000

trusted library allocation

page read and write

5FE0000

unclassified section

page read and write

4C2E000

stack

page read and write

4F2D000

direct allocation

page execute and read and write

2EE3000

heap

page read and write

4901000

heap

page read and write

E54000

heap

page read and write

4901000

heap

page read and write

A00000

unkown

page readonly

E61000

unkown

page read and write

1E4E000

stack

page read and write

3F20000

unkown

page execute and read and write

2E82000

heap

page read and write

2F01000

heap

page read and write

E30000

heap

page read and write

4901000

heap

page read and write

6FC000

stack

page read and write

2424000

heap

page read and write

4200000

unclassified section

page execute and read and write

4901000

heap

page read and write

3400000

heap

page read and write

4DBB000

system

page execute and read and write

DB0000

heap

page read and write

9D0000

unkown

page readonly

DC0000

heap

page read and write

3213000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

2E67000

heap

page read and write

349000

unkown

page readonly

15C5000

heap

page read and write

3420000

heap

page read and write

15EA000

heap

page read and write

3690000

unkown

page read and write

4901000

heap

page read and write

349000

unkown

page readonly

2F4F000

heap

page read and write

3200000

heap

page read and write

3960000

direct allocation

page read and write

4901000

heap

page read and write

2270000

heap

page read and write

3417000

heap

page read and write

4901000

heap

page read and write

21283760000

trusted library allocation

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

140F000

stack

page read and write

490C000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

2EC9000

heap

page read and write

3213000

heap

page read and write

4901000

heap

page read and write

42DE000

direct allocation

page read and write

4901000

heap

page read and write

3417000

heap

page read and write

4901000

heap

page read and write

2EC9000

heap

page read and write

3A29000

heap

page read and write

4901000

heap

page read and write

33F000

unkown

page readonly

3213000

heap

page read and write

4901000

heap

page read and write

15EA000

heap

page read and write

7ECB000

heap

page read and write

DB4000

heap

page read and write

1039000

stack

page read and write

740000

unkown

page readonly

4140000

direct allocation

page read and write

7F30000

heap

page read and write

2424000

heap

page read and write

4901000

heap

page read and write

21283A21000

trusted library allocation

page read and write

4901000

heap

page read and write

ACA000

heap

page read and write

4901000

heap

page read and write

ACA000

heap

page read and write

7ED1000

heap

page read and write

1D02000

system

page read and write

E3A000

heap

page read and write

1E1C000

system

page read and write

3213000

heap

page read and write

9E0000

heap

page read and write

380000

unkown

page readonly

3E42000

direct allocation

page execute and read and write

9E0000

heap

page read and write

3501000

heap

page read and write

2F70000

heap

page read and write

2F13000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

87E000

stack

page read and write

42A000

unkown

page read and write

349000

unkown

page readonly

21283A17000

trusted library allocation

page read and write

3FFC000

unkown

page read and write

4901000

heap

page read and write

324000

unkown

page readonly

4901000

heap

page read and write

21281EE3000

heap

page read and write

4F4C000

unkown

page read and write

1100000

unkown

page readonly

4901000

heap

page read and write

336C000

unkown

page read and write

23C4000

system

page read and write

21281D70000

system

page execute and read and write

7F19000

heap

page read and write

4901000

heap

page read and write

1490000

unkown

page readonly

167C000

heap

page read and write

830000

unkown

page read and write

370000

unkown

page readonly

3910000

direct allocation

page read and write

7EFF000

heap

page read and write

4901000

heap

page read and write

42DE000

direct allocation

page read and write

3A2D000

heap

page read and write

4901000

heap

page read and write

7F28000

heap

page read and write

67BA000

unclassified section

page read and write

2F34000

heap

page read and write

4190000

direct allocation

page read and write

426D000

direct allocation

page read and write

7F32000

heap

page read and write

7F2B000

heap

page read and write

4C00000

unclassified section

page execute and read and write

4001000

heap

page read and write

4901000

heap

page read and write

A20000

unkown

page read and write

349000

unkown

page readonly

2A30000

unkown

page readonly

330000

unkown

page readonly

4901000

heap

page read and write

330000

unkown

page readonly

2FF000

unkown

page readonly

9D0000

unkown

page readonly

2EF0000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

141B000

stack

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

DD0000

unkown

page readonly

2E82000

heap

page read and write

4901000

heap

page read and write

492A5FE000

stack

page read and write

2ED9000

heap

page read and write

528C000

unclassified section

page read and write

900000

unkown

page readonly

7F35000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

2A20000

heap

page read and write

4901000

heap

page read and write

7F3D000

heap

page read and write

3B46000

unkown

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

E3E000

heap

page read and write

4901000

heap

page read and write

E62000

unkown

page read and write

6304000

unclassified section

page read and write

ACE000

heap

page read and write

332000

unkown

page write copy

270000

unkown

page readonly

4901000

heap

page read and write

432E000

direct allocation

page read and write

890000

unkown

page read and write

4901000

heap

page read and write

2E7D000

heap

page read and write

324000

unkown

page readonly

380E000

stack

page read and write

7F40000

heap

page read and write

4901000

heap

page read and write

3FA0000

direct allocation

page read and write

4901000

heap

page read and write

2F90000

direct allocation

page read and write

2F80000

heap

page read and write

4FB2000

unclassified section

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4C58000

heap

page read and write

E5E000

heap

page read and write

4901000

heap

page read and write

2CC8000

stack

page read and write

3DD1000

direct allocation

page execute and read and write

4929DFD000

stack

page read and write

2EAC000

stack

page read and write

3EA000

stack

page read and write

380000

unkown

page readonly

4901000

heap

page read and write

21283BC4000

trusted library allocation

page read and write

167C000

heap

page read and write

2F1F000

heap

page read and write

4901000

heap

page read and write

2E7E000

heap

page read and write

4901000

heap

page read and write

2EB5000

heap

page read and write

3A9E000

heap

page read and write

21281E40000

heap

page read and write

AC0000

heap

page read and write

168A000

heap

page read and write

6172000

unclassified section

page read and write

85BE000

stack

page read and write

2E94000

heap

page read and write

360000

unkown

page readonly

4901000

heap

page read and write

97A000

stack

page read and write

2DD4000

heap

page read and write

21281DA4000

system

page execute and read and write

4190000

direct allocation

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

22C0000

heap

page read and write

2E88000

heap

page read and write

270000

unkown

page readonly

3520000

unkown

page execute and read and write

4F31000

direct allocation

page execute and read and write

1699000

heap

page read and write

E30000

heap

page read and write

4BB0000

trusted library allocation

page read and write

5600000

unclassified section

page execute and read and write

740000

unkown

page readonly

21281EE0000

heap

page read and write

4901000

heap

page read and write

21281EDC000

heap

page read and write

2F20000

heap

page read and write

31DA000

unkown

page read and write

40C3000

direct allocation

page read and write

2E82000

heap

page read and write

3900000

heap

page read and write

8F6000

heap

page read and write

4901000

heap

page read and write

3213000

heap

page read and write

7F38000

heap

page read and write

2662000

unkown

page read and write

293C000

unkown

page read and write

4901000

heap

page read and write

6266000

unkown

page execute and read and write

2DD4000

heap

page read and write

DD0000

unkown

page readonly

4269000

direct allocation

page read and write

9C0000

unkown

page readonly

E3E000

heap

page read and write

346000

unkown

page read and write

169B000

heap

page read and write

1500000

heap

page read and write

1674000

heap

page read and write

4901000

heap

page read and write

2E20000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

2EEB000

stack

page read and write

4901000

heap

page read and write

9F0000

unkown

page read and write

1490000

heap

page read and write

AC0000

heap

page read and write

21283B01000

trusted library allocation

page read and write

331000

unkown

page execute read

4901000

heap

page read and write

4901000

heap

page read and write

7F2F000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

7F1C000

heap

page read and write

4920000

unkown

page execute and read and write

720000

unkown

page readonly

3213000

heap

page read and write

4901000

heap

page read and write

13FF000

stack

page read and write

D41000

unkown

page readonly

6C70000

unclassified section

page read and write

6496000

unclassified section

page read and write

4901000

heap

page read and write

3202000

heap

page read and write

3700000

heap

page read and write

750000

heap

page read and write

4901000

heap

page read and write

2A30000

unkown

page readonly

4901000

heap

page read and write

30B0000

trusted library allocation

page read and write

8EE000

stack

page read and write

4901000

heap

page read and write

21283900000

trusted library allocation

page read and write

34FE000

unkown

page read and write

299F000

stack

page read and write

7F3E000

heap

page read and write

F51000

unkown

page readonly

4901000

heap

page read and write

3213000

heap

page read and write

331000

unkown

page execute read

2F59000

heap

page read and write

4901000

heap

page read and write

1491000

unkown

page readonly

337000

unkown

page readonly

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4113000

direct allocation

page read and write

7ED6000

heap

page read and write

2EDE000

heap

page read and write

3DCD000

direct allocation

page execute and read and write

4A50000

trusted library allocation

page read and write

3405000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

3213000

heap

page read and write

5866000

unkown

page execute and read and write

256F000

stack

page read and write

4A2F000

heap

page read and write

4901000

heap

page read and write

4C60000

direct allocation

page execute and read and write

2E77000

heap

page read and write

4901000

heap

page read and write

A9C000

unkown

page read and write

2F40000

heap

page read and write

4DE0000

system

page execute and read and write

4901000

heap

page read and write

157B000

heap

page read and write

E3A000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

426D000

direct allocation

page read and write

4901000

heap

page read and write

4113000

direct allocation

page read and write

7EFA000

heap

page read and write

4901000

heap

page read and write

4113000

direct allocation

page read and write

4140000

direct allocation

page read and write

4DE2000

system

page execute and read and write

4901000

heap

page read and write

2E82000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

3213000

heap

page read and write

4901000

heap

page read and write

15EB000

heap

page read and write

7EDB000

heap

page read and write

4D89000

direct allocation

page execute and read and write

370000

unkown

page readonly

7EF4000

heap

page read and write

6F46000

unclassified section

page execute and read and write

4901000

heap

page read and write

2420000

heap

page read and write

21283A0F000

trusted library allocation

page read and write

3E6A000

unkown

page read and write

224E000

stack

page read and write

4901000

heap

page read and write

6FC000

stack

page read and write

271000

unkown

page execute read

85FF000

stack

page read and write

2460000

heap

page read and write

A20000

unkown

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

5B2A000

unclassified section

page read and write

7F46000

heap

page read and write

2E88000

heap

page read and write

7F22000

heap

page read and write

4901000

heap

page read and write

1FDC000

system

page read and write

2F2A000

heap

page read and write

2DD4000

heap

page read and write

7EAE000

stack

page read and write

8F0000

heap

page read and write

1E0E000

stack

page read and write

4901000

heap

page read and write

277C000

unkown

page read and write

42B9000

direct allocation

page read and write

DAE000

stack

page read and write

2E79000

heap

page read and write

4901000

heap

page read and write

A00000

unkown

page readonly

2E79000

heap

page read and write

30B0000

heap

page read and write

331000

unkown

page execute read

730000

unkown

page readonly

341A000

heap

page read and write

2ECF000

heap

page read and write

42BD000

direct allocation

page read and write

2ED9000

heap

page read and write

4901000

heap

page read and write

21281EB9000

heap

page read and write

4901000

heap

page read and write

1540000

heap

page read and write

426D000

direct allocation

page read and write

2E82000

heap

page read and write

910000

unkown

page readonly

160A000

heap

page read and write

42DE000

direct allocation

page read and write

346000

unkown

page read and write

DF0000

unkown

page read and write

4901000

heap

page read and write

CFC000

stack

page read and write

2C8B000

stack

page read and write

271000

unkown

page execute read

4901000

heap

page read and write

3412000

heap

page read and write

830000

unkown

page read and write

418E000

unkown

page read and write

33F000

unkown

page readonly

4901000

heap

page read and write

4901000

heap

page read and write

7EC3000

heap

page read and write

21283A0A000

trusted library allocation

page read and write

4901000

heap

page read and write

21283760000

trusted library allocation

page read and write

4901000

heap

page read and write

39B4000

unkown

page read and write

7BF0000

trusted library allocation

page read and write

1100000

unkown

page readonly

4DFE000

direct allocation

page execute and read and write

3FF0000

direct allocation

page read and write

15EA000

heap

page read and write

21281DA6000

system

page execute and read and write

7EDE000

heap

page read and write

3213000

heap

page read and write

4901000

heap

page read and write

2ECF000

heap

page read and write

4FA2000

direct allocation

page execute and read and write

BC0000

unkown

page readonly

3C29000

direct allocation

page execute and read and write

3823000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

3C00000

heap

page read and write

2D80000

heap

page read and write

4901000

heap

page read and write

2E60000

heap

page read and write

2290000

direct allocation

page execute and read and write

50CC000

unclassified section

page read and write

8F0000

unkown

page readonly

4901000

heap

page read and write

3405000

heap

page read and write

42BD000

direct allocation

page read and write

44B2000

unkown

page read and write

4901000

heap

page read and write

21281EE3000

heap

page read and write

2722000

unkown

page read and write

4901000

heap

page read and write

4D8D000

direct allocation

page execute and read and write

2EF0000

heap

page read and write

7FC8000

heap

page read and write

F50000

unkown

page readonly

6628000

unclassified section

page read and write

370E000

stack

page read and write

4DC4000

system

page execute and read and write

42B9000

direct allocation

page read and write

346000

unkown

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

3FA0000

direct allocation

page read and write

DB0000

heap

page read and write

21283870000

heap

page read and write

49295FB000

stack

page read and write

4901000

heap

page read and write

890000

unkown

page read and write

4B00000

trusted library allocation

page execute and read and write

2EFB000

heap

page read and write

1689000

heap

page read and write

2D24000

unkown

page read and write

6EDE000

unclassified section

page execute and read and write

9FF000

stack

page read and write

4901000

heap

page read and write

5CBC000

unclassified section

page read and write

3960000

direct allocation

page read and write

1DC2000

system

page read and write

4901000

heap

page read and write

2F3F000

heap

page read and write

DC0000

heap

page read and write

4901000

heap

page read and write

7F3B000

heap

page read and write

2F3A000

heap

page read and write

4BB0000

trusted library allocation

page read and write

3C9E000

direct allocation

page execute and read and write

2DD0000

heap

page read and write

4901000

heap

page read and write

97A000

stack

page read and write

9F0000

unkown

page read and write

2B20000

unkown

page execute and read and write

337000

unkown

page readonly

4901000

heap

page read and write

4901000

heap

page read and write

293C000

unkown

page read and write

A40000

unkown

page read and write

7EB7000

heap

page read and write

5806000

unclassified section

page read and write

5E4E000

unclassified section

page read and write

4901000

heap

page read and write

2EBE000

heap

page read and write

2EE3000

heap

page read and write

7EE8000

heap

page read and write

4901000

heap

page read and write

14DD000

stack

page read and write

21283BA6000

trusted library allocation

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

1689000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

7EE3000

heap

page read and write

D41000

unkown

page readonly

7F05000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

492ADFE000

stack

page read and write

32E000

unkown

page write copy

2F0C000

heap

page read and write

A30000

unkown

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

4BB0000

trusted library allocation

page read and write

3C04000

heap

page read and write

2570000

unkown

page readonly

5674000

unclassified section

page read and write

ACE000

heap

page read and write

6ADE000

unclassified section

page read and write

3213000

heap

page read and write

21283A03000

trusted library allocation

page read and write

2420000

heap

page read and write

1574000

heap

page read and write

4901000

heap

page read and write

3F50000

direct allocation

page read and write

33F000

unkown

page readonly

4E37000

system

page execute and read and write

3CD8000

unkown

page read and write

57FE000

unkown

page execute and read and write

9C0000

unkown

page readonly

DB4000

heap

page read and write

1581000

heap

page read and write

4901000

heap

page read and write

8060000

trusted library allocation

page read and write

4269000

direct allocation

page read and write

4901000

heap

page read and write

BC0000

unkown

page readonly

4BE3000

heap

page read and write

167C000

heap

page read and write

360000

unkown

page readonly

331000

unkown

page execute read

8F0000

heap

page read and write

2FCE000

stack

page read and write

4901000

heap

page read and write

21283BBE000

trusted library allocation

page read and write

3FA0000

direct allocation

page read and write

21283A00000

trusted library allocation

page read and write

14E0000

heap

page read and write

4901000

heap

page read and write

6E02000

unclassified section

page read and write

4DD4000

system

page execute and read and write

DF0000

unkown

page read and write

42B9000

direct allocation

page read and write

4900000

heap

page read and write

4901000

heap

page read and write

33F000

unkown

page readonly

9B0000

unkown

page readonly

21283760000

trusted library allocation

page read and write

21281E60000

heap

page read and write

4901000

heap

page read and write

5072000

unclassified section

page read and write

3213000

heap

page read and write

4901000

heap

page read and write

143D000

stack

page read and write

D3E000

stack

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

881000

unkown

page readonly

3B00000

direct allocation

page execute and read and write

D50000

unkown

page read and write

1581000

heap

page read and write

4140000

direct allocation

page read and write

2662000

unkown

page read and write

720000

unkown

page readonly

3213000

heap

page read and write

3FF0000

direct allocation

page read and write

AE9000

heap

page read and write

2F0E000

heap

page read and write

21281E90000

heap

page read and write

10FF000

stack

page read and write

4901000

heap

page read and write

21281EB0000

heap

page read and write

169C000

heap

page read and write

2EDE000

heap

page read and write

2E7D000

heap

page read and write

D50000

unkown

page read and write

4269000

direct allocation

page read and write

3960000

direct allocation

page read and write

4BE0000

heap

page read and write

4901000

heap

page read and write

2A20000

heap

page read and write

432E000

direct allocation

page read and write

21281ECC000

heap

page read and write

9B0000

unkown

page readonly

900000

unkown

page readonly

390F000

stack

page read and write

2E82000

heap

page read and write

4901000

heap

page read and write

4901000

heap

page read and write

881000

unkown

page readonly

4901000

heap

page read and write

4ABA000

heap

page read and write

2FF000

unkown

page readonly

15EA000

heap

page read and write

2F44000

heap

page read and write

3213000

heap

page read and write

4901000

heap

page read and write

3213000

heap

page read and write

4901000

heap

page read and write

4320000

unkown

page read and write

4901000

heap

page read and write

4190000

direct allocation

page read and write

4901000

heap

page read and write

330000

unkown

page readonly

2460000

heap

page read and write

There are 658 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
REQUEST FOR QUOTATION AND CONTRACT.exe

Files

Processes

URLs

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportREQUEST FOR QUOTATION AND CONTRACT.exe

Files

Processes

URLs

Domains

IPs

Memdumps

IOC Report
REQUEST FOR QUOTATION AND CONTRACT.exe