IOC Report
Ywhazhugqk.exe

Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| Ywhazhugqk.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | malicious |
| C:\Users\user\AppData\Roaming\CanTransformMultipleBlocks.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | malicious |
| C:\Users\user\AppData\Roaming\CanTransformMultipleBlocks.exe:Zone.Identifier | ASCII text, with CRLF line terminators | modified | malicious |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CanTransformMultipleBlocks.vbs | ASCII text, with no line terminators | dropped | malicious |

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\Ywhazhugqk.exe | "C:\Users\user\Desktop\Ywhazhugqk.exe" | malicious |
| C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe | "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe" | malicious |
| C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\WerFault.exe -u -p 1472 -s 1016 | |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| https://github.com/mgravell/protobuf-net | unknown | |
| https://github.com/mgravell/protobuf-neti | unknown | |
| https://stackoverflow.com/q/14436606/23354 | unknown | |
| https://github.com/mgravell/protobuf-netJ | unknown | |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | unknown | |
| https://stackoverflow.com/q/11564914/23354; | unknown | |
| https://stackoverflow.com/q/2152978/23354 | unknown | |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
| --- | --- | --- | --- |
| 2BDC000 | trusted library allocation | page read and write | malicious |
| 55A0000 | trusted library section | page read and write | malicious |