IOC Report
IXi8q1gF78.exe

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Users\user\Desktop\IXi8q1gF78.exe | "C:\Users\user\Desktop\IXi8q1gF78.exe" | malicious |

IPs


Registry

| Path | Value | Malicious |
| --- | --- | --- |
| HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{40B8DCCB-895E-2CDC-AE7F-E3C71F72764D} | NULL | malicious |
| HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{40B8DCCB-895E-2CDC-AE7F-E3C71F72764D}\LocalServer32 | NULL | malicious |

Memdumps
