IOC Report
L7kjcyPckT.vbs

loading gif

Processes

Path
Cmdline
Malicious
C:\Windows\System32\wscript.exe
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\L7kjcyPckT.vbs"
 malicious

Memdumps

Base Address
Regiontype
Protect
Malicious
28FC0980000
heap
page read and write
9C89DFD000
stack
page read and write
28FC05C0000
heap
page read and write
28FC09A5000
heap
page read and write
28FC06C8000
heap
page read and write
28FC06F2000
heap
page read and write
28FC06E1000
heap
page read and write
28FC0698000
heap
page read and write
28FC06C8000
heap
page read and write
28FC06E1000
heap
page read and write
28FC06EA000
heap
page read and write
28FC2490000
heap
page read and write
28FC0707000
heap
page read and write
9C8A2FF000
stack
page read and write
9C8A0FF000
stack
page read and write
9C89CFE000
stack
page read and write
28FC05D0000
heap
page read and write
28FC05F0000
heap
page read and write
28FC06E1000
heap
page read and write
28FC06DE000
heap
page read and write
28FC06C8000
heap
page read and write
28FC06B3000
heap
page read and write
28FC06A4000
heap
page read and write
28FC06E1000
heap
page read and write
28FC06C8000
heap
page read and write
9C899C9000
stack
page read and write
9C89EFE000
stack
page read and write
9C8A1FE000
stack
page read and write
28FC2493000
heap
page read and write
28FC09A0000
heap
page read and write
28FC3D40000
trusted library allocation
page read and write
28FC06CD000
heap
page read and write
28FC06C2000
heap
page read and write
28FC0984000
heap
page read and write
28FC0690000
heap
page read and write
28FC3BF0000
heap
page read and write
28FC0701000
heap
page read and write
28FC06CF000
heap
page read and write
28FC06C2000
heap
page read and write
28FC06AE000
heap
page read and write
There are 30 hidden memdumps, click here to show them.