IOC Report
SecuriteInfo.com.Trojan.Win64.Inject.4588.21334.exe

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Win64.Inject.4588.21334.exe | "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Win64.Inject.4588.21334.exe" | malicious |
| C:\Windows\System32\cmd.exe | "C:\Windows\System32\cmd.exe" /c net stop dps | malicious |
| C:\Windows\System32\cmd.exe | "C:\Windows\System32\cmd.exe" /c net start dps | malicious |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\System32\net.exe | net stop dps | |
| C:\Windows\System32\net1.exe | C:\Windows\system32\net1 stop dps | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\System32\net.exe | net start dps | |
| C:\Windows\System32\net1.exe | C:\Windows\system32\net1 start dps | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| s-part-0036.t-0009.t-msedge.net | 13.107.246.64 | |

Memdumps
