IOC Report
EVbRu44H1v.hta

Files

File Path | Type | Category | Malicious
EVbRu44H1v.hta | HTML document, ASCII text | initial sample |
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\Settings\settings.dat | MS Windows registry file, NT/2000 or above | dropped |
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\Settings\settings.dat.LOG1 | MS Windows registry file, NT/2000 or above | dropped |

Processes

Path | Cmdline | Malicious
C:\Windows\SysWOW64\mshta.exe | mshta.exe "C:\Users\user\Desktop\EVbRu44H1v.hta" |
C:\Windows\SysWOW64\calc.exe | "C:\Windows\System32\calc.exe" |
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Calculator.exe | "C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca |

Registry

Path | Value | Malicious
\REGISTRY\A\{6185fb50-ed70-7638-10f7-d6f490e46a47}\LocalState | VeryFirstLaunch |
\REGISTRY\A\{6185fb50-ed70-7638-10f7-d6f490e46a47}\LocalState | Mode |

Memdumps
