IOC Report
file.exe

Processes

Path | Cmdline | Malicious
C:\Users\user\Desktop\file.exe | "C:\Users\user\Desktop\file.exe" | malicious

URLs

Name
IP
Malicious
https://46.183.218.37/
unknown
https://46.183.218.37/community/wiki-self-signed/name-signed.php
unknown

IPs

IP | Domain | Country | Malicious
46.183.218.37 | unknown | Latvia |

Memdumps

Base Address
Regiontype
Protect
Malicious