IOC Report
basta.js

Processes

Path: C:\Windows\System32\wscript.exe
Cmdline: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\basta.js"
Malicious: malicious

Registry

Path: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
Value: JScriptSetScriptStateStarted
Malicious: (empty)

Memdumps
