IOC Report
Application.Network.ScanConverter2.x64.exe

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\Application.Network.ScanConverter2.x64.exe | "C:\Users\user\Desktop\Application.Network.ScanConverter2.x64.exe" | malicious |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://new.tk/ndisdk_license/ | unknown | |
| http://ndi.videoExithttp://ndi.video/ScreenCaptureLearnButtonNDI | unknown | |
| http://ndi.video | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 192.168.2.1 | unknown | unknown | |
| 192.168.2.16 | unknown | unknown | |
| 192.168.2.9 | unknown | unknown | |
| 192.168.2.4 | unknown | unknown | |
| 192.168.2.5 | unknown | unknown | |

Registry

| Path | Value | Malicious |
|---|---|---|
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\ActiveMovie\devenum 64-bit | Version | |

Memdumps
