IOC Report
file.exe


Processes

Path | Cmdline | Malicious
C:\Users\user\Desktop\file.exe | "C:\Users\user\Desktop\file.exe" | malicious

URLs


Domains

Name | IP | Malicious
steamcommunity.com | 104.102.49.254 | malicious
eaglepawnoy.store | unknown | malicious
bathdoomgaz.store | unknown | malicious
spirittunek.store | unknown | malicious
licendfilteo.site | unknown | malicious
studennotediw.store | unknown | malicious
mobbipenju.store | unknown | malicious
clearancek.site | unknown | malicious
dissapoiznw.store | unknown | malicious

IPs

IP | Domain | Country | Malicious
104.102.49.254 | steamcommunity.com | United States | malicious

Memdumps
