IOC Report
file.exe

Processes

Path | Cmdline | Malicious
C:\Users\user\Desktop\file.exe | "C:\Users\user\Desktop\file.exe" | malicious

URLs


Domains

Name | IP | Malicious
steamcommunity.com | 104.102.49.254 | malicious
eaglepawnoy.store | unknown | malicious
bathdoomgaz.store | unknown | malicious
spirittunek.store | unknown | malicious
licendfilteo.site | unknown | malicious
studennotediw.store | unknown | malicious
mobbipenju.store | unknown | malicious
clearancek.site | unknown | malicious
dissapoiznw.store | unknown | malicious

IPs

IP | Domain | Country | Malicious
104.102.49.254 | steamcommunity.com | United States | malicious

Memdumps
