IOC Report
JRTn7b1kHg.dll

Files

File Path | Type | Category | Malicious
JRTn7b1kHg.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | initial sample | malicious
C:\WINDOWS\qeriuwjhrf (copy) | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | malicious
C:\Windows\tasksche.exe | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | malicious

Processes

Path | Cmdline | Malicious
C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\JRTn7b1kHg.dll,PlayGame | malicious
C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\JRTn7b1kHg.dll",#1 | malicious
C:\Windows\mssecsvc.exe | C:\WINDOWS\mssecsvc.exe | malicious
C:\Windows\mssecsvc.exe | C:\WINDOWS\mssecsvc.exe -m security | malicious
C:\Windows\tasksche.exe | C:\WINDOWS\tasksche.exe /i | malicious
C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\JRTn7b1kHg.dll",PlayGame | malicious
C:\Windows\mssecsvc.exe | C:\WINDOWS\mssecsvc.exe | malicious
C:\Windows\tasksche.exe | C:\WINDOWS\tasksche.exe /i | malicious
C:\Windows\System32\loaddll32.exe | loaddll32.exe "C:\Users\user\Desktop\JRTn7b1kHg.dll" |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
C:\Windows\SysWOW64\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\JRTn7b1kHg.dll",#1 |

One further process is not included in this export. The loaddll32.exe, conhost.exe and cmd.exe rows are the analysis environment's loader chain for a DLL sample (load the DLL, then invoke its exports through rundll32.exe); they carry no malicious flag. The indicators worth keeping from this table are the PlayGame export name, the mssecsvc.exe and tasksche.exe image paths, and the "-m security" and "/i" arguments; the DLL file name itself is the arbitrary name of the submitted sample.

URLs

Name | IP | Malicious
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | unknown |
https://www.kryptoslogic.com | unknown |
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/ | 104.16.166.228 |
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/. | unknown |
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com// | unknown |
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/? | unknown |
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/22www.iuqerfsodp9ifjaposdfjhgosurijfaewrwer | unknown |
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comJ | unknown |

None of the URL rows carries a malicious flag. Only the third entry has a resolved address in the export; the last two entries look like partial strings recovered from memory rather than URLs that were actually requested, and are kept exactly as exported.

Domains

Name | IP | Malicious
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | 104.16.166.228 |
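One way to put the indicators above to work, as an added example that is not part of the sandbox report: a small Python matcher that checks process command lines, DNS queries and file-creation events against the domain from the Domains table, the dropped-file and image paths from the Files and Processes tables, and the command-line shapes seen there (the PlayGame export, "-m security", "/i"). The event format ("timestamp kind payload") and every log line are constructed for the example; the function names are the example's own. The domain is matched by name rather than by the resolved IP, since the address a domain resolves to is not a stable indicator.

```python
"""IOC matcher for the indicators in this report.

Added example, not part of the sandbox export. The event format and the
sample log lines below are constructed for illustration.
"""
import re

# Domain from the Domains table. Matched by name, not by resolved IP.
IOC_DOMAINS = {"www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com"}

# Dropped files (Files table) plus the mssecsvc.exe image path (Processes
# table), normalised to lower case with backslash separators.
IOC_FILE_PATHS = {
    r"c:\windows\qeriuwjhrf",
    r"c:\windows\tasksche.exe",
    r"c:\windows\mssecsvc.exe",
}

# Command-line shapes from the Processes table. The submitted DLL's file name
# is arbitrary, so the export name PlayGame is matched instead of the name.
IOC_CMDLINE_PATTERNS = {
    "rundll32 PlayGame export": re.compile(
        r'rundll32\.exe\s+"?[^"\s]+\.dll"?,PlayGame\b', re.IGNORECASE),
    "mssecsvc.exe -m security": re.compile(
        r"(^|\\)mssecsvc\.exe\s+-m\s+security\b", re.IGNORECASE),
    "tasksche.exe /i": re.compile(
        r"(^|\\)tasksche\.exe\s+/i\b", re.IGNORECASE),
}

# Constructed events: "<timestamp> <proc|dns|file> <payload>". Not from the report.
SAMPLE_LOG = r"""
2024-01-01T10:00:01Z proc rundll32.exe "C:\Users\user\Desktop\JRTn7b1kHg.dll",PlayGame
2024-01-01T10:00:02Z dns www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
2024-01-01T10:00:03Z file C:\WINDOWS\mssecsvc.exe
2024-01-01T10:00:04Z proc C:\WINDOWS\mssecsvc.exe
2024-01-01T10:00:05Z proc C:\WINDOWS\mssecsvc.exe -m security
2024-01-01T10:00:06Z file C:\Windows\qeriuwjhrf
2024-01-01T10:00:07Z proc C:\WINDOWS\tasksche.exe /i
2024-01-01T10:00:08Z proc rundll32.exe C:\Windows\System32\shell32.dll,Control_RunDLL
2024-01-01T10:00:09Z dns www.example.com
2024-01-01T10:00:10Z file C:\Windows\System32\notepad.exe
""".strip()


def normalize_path(path: str) -> str:
    """Lower-case, strip surrounding quotes and unify path separators."""
    return path.strip('"').replace("/", "\\").lower()


def match_event(line: str):
    """Return an indicator label if the event matches an IOC, else None."""
    _ts, kind, payload = line.split(" ", 2)
    if kind == "dns":
        name = payload.lower().rstrip(".")
        for domain in IOC_DOMAINS:
            if name == domain or name.endswith("." + domain):
                return f"domain:{domain}"
    elif kind == "file":
        path = normalize_path(payload)
        if path in IOC_FILE_PATHS:
            return f"file:{path}"
    elif kind == "proc":
        for label, pattern in IOC_CMDLINE_PATTERNS.items():
            if pattern.search(payload):
                return f"cmdline:{label}"
        # The report also lists a bare "C:\WINDOWS\mssecsvc.exe" with no
        # arguments, so fall back to the image path (first token; quoted
        # images containing spaces would need real tokenising).
        image = normalize_path(payload.split(" ", 1)[0])
        if image in IOC_FILE_PATHS:
            return f"image:{image}"
    return None


def scan_log(text: str):
    """Return [(timestamp, indicator_label)] for every matching event line."""
    hits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        label = match_event(line)
        if label:
            hits.append((line.split(" ", 1)[0], label))
    return hits


if __name__ == "__main__":
    for ts, label in scan_log(SAMPLE_LOG):
        print(ts, label)
```

Running the block on the constructed log reports seven hits and ignores the three benign lines. The private 192.168.2.0/24 scan targets and the memory-dump base addresses from this report are deliberately left out of the indicator sets: the former are sandbox-local and the latter vary from run to run.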

IPs

IP | Domain | Country | Malicious
192.168.2.97 | unknown | unknown | malicious
192.168.2.96 | unknown | unknown | malicious
192.168.2.99 | unknown | unknown | malicious
192.168.2.98 | unknown | unknown | malicious
192.168.2.91 | unknown | unknown | malicious
192.168.2.90 | unknown | unknown | malicious
192.168.2.93 | unknown | unknown | malicious
192.168.2.92 | unknown | unknown | malicious
192.168.2.95 | unknown | unknown | malicious
192.168.2.94 | unknown | unknown | malicious
192.168.2.104 | unknown | unknown | malicious
192.168.2.105 | unknown | unknown | malicious
192.168.2.102 | unknown | unknown | malicious
192.168.2.103 | unknown | unknown | malicious
192.168.2.108 | unknown | unknown | malicious
192.168.2.109 | unknown | unknown | malicious
192.168.2.106 | unknown | unknown | malicious
192.168.2.148 | unknown | unknown |
192.168.2.149 | unknown | unknown |
192.168.2.146 | unknown | unknown |
192.168.2.147 | unknown | unknown |
192.168.2.140 | unknown | unknown |
192.168.2.141 | unknown | unknown |
192.168.2.144 | unknown | unknown |
192.168.2.145 | unknown | unknown |
192.168.2.142 | unknown | unknown |
192.168.2.143 | unknown | unknown |
155.203.74.1 | unknown | United States |
192.168.2.159 | unknown | unknown |
192.168.2.157 | unknown | unknown |
192.168.2.158 | unknown | unknown |
59.14.88.1 | unknown | Korea, Republic of |
192.168.2.151 | unknown | unknown |
192.168.2.152 | unknown | unknown |
192.168.2.150 | unknown | unknown |
192.168.2.155 | unknown | unknown |
192.168.2.156 | unknown | unknown |
192.168.2.153 | unknown | unknown |
192.168.2.154 | unknown | unknown |
34.235.99.82 | unknown | United States |
192.168.2.126 | unknown | unknown |
192.168.2.247 | unknown | unknown |
192.168.2.127 | unknown | unknown |
192.168.2.248 | unknown | unknown |
192.168.2.124 | unknown | unknown |
192.168.2.245 | unknown | unknown |
192.168.2.125 | unknown | unknown |
192.168.2.246 | unknown | unknown |
210.39.38.201 | unknown | China |
35.88.223.132 | unknown | United States |
192.168.2.128 | unknown | unknown |
192.168.2.249 | unknown | unknown |
192.168.2.129 | unknown | unknown |
192.168.2.240 | unknown | unknown |
192.168.2.122 | unknown | unknown |
181.205.225.248 | unknown | Colombia |
192.168.2.243 | unknown | unknown |
192.168.2.123 | unknown | unknown |
192.168.2.244 | unknown | unknown |
192.168.2.120 | unknown | unknown |
192.168.2.241 | unknown | unknown |
192.168.2.121 | unknown | unknown |
192.168.2.242 | unknown | unknown |
15.163.145.2 | unknown | United States |
74.0.230.2 | unknown | United States |
104.211.2.237 | unknown | United States |
74.0.230.1 | unknown | United States |
59.14.88.65 | unknown | Korea, Republic of |
15.163.145.1 | unknown | United States |
99.122.129.94 | unknown | United States |
145.33.46.173 | unknown | Netherlands |
192.168.2.137 | unknown | unknown |
192.168.2.138 | unknown | unknown |
192.168.2.135 | unknown | unknown |
192.168.2.136 | unknown | unknown |
176.211.243.2 | unknown | Russian Federation |
176.211.243.1 | unknown | Russian Federation |
192.168.2.139 | unknown | unknown |
192.168.2.250 | unknown | unknown |
192.168.2.130 | unknown | unknown |
192.168.2.251 | unknown | unknown |
17.237.114.1 | unknown | United States |
192.168.2.133 | unknown | unknown |
192.168.2.254 | unknown | unknown |
192.168.2.134 | unknown | unknown |
192.168.2.131 | unknown | unknown |
192.168.2.252 | unknown | unknown |
192.168.2.132 | unknown | unknown |
192.168.2.253 | unknown | unknown |
221.20.95.1 | unknown | Japan |
192.168.2.225 | unknown | unknown |
35.88.223.1 | unknown | United States |
192.168.2.226 | unknown | unknown |
192.168.2.223 | unknown | unknown |
192.168.2.224 | unknown | unknown |
15.163.145.38 | unknown | United States |
192.168.2.229 | unknown | unknown |
176.211.243.106 | unknown | Russian Federation |
74.0.230.121 | unknown | United States |
192.168.2.227 | unknown | unknown |

90 further IPs are not included in this export. The 192.168.2.0/24 entries are private (RFC 1918) addresses; in a sandbox run they can only be hosts on the analysis network, so they are evidence that the sample sweeps its local subnet, not indicators that can be reused outside this run. The public addresses are listed with the country the export assigned to them and, apart from the flagged private hosts, carry no malicious verdict.

Memdumps

Base Address | Region type | Protect | Malicious

538 memory regions are listed in this export; a further 528 are not included. The export does not record which process a region belongs to, so identical rows are collapsed below with their number of occurrences. Heap and stack base addresses vary between runs and are not reusable indicators; the "malicious" flags are the sandbox's own verdicts on the dumped content.

Flagged malicious (14 regions):
710000 | unknown | page readonly | malicious (6 occurrences)
40F000 | unknown | page write copy | malicious (5 occurrences)
42E000 | unknown | page read and write | malicious
1EB8000 | heap | page read and write | malicious
23E7000 | heap | page read and write | malicious

Not flagged, region type unknown (49 regions):
400000 | page readonly (10 occurrences)
401000 | page execute read (10 occurrences)
408000 | page readonly (4 occurrences)
40A000 | page readonly (6 occurrences)
40B000 | page write copy (6 occurrences)
40E000 | page write copy (4 occurrences)
40F000 | page write copy (1 occurrence)
410000 | page readonly (4 occurrences)
42F000 | page write copy (1 occurrence)
431000 | page read and write (3 occurrences)

Not flagged, heap, page read and write (79 regions, in export order):
3370000, C8E000, 1EA9000, 1F0000, 2AE0000, AC5000, CAC000, 2FC0000, 2A20000, D5A000,
CA1000, 2B60000, 2B00000, 25E0000, 2BB0000, BE0000, BE5000, 2C5A000, CB0000, C50000,
1F0000, BC0000, 11E7000, D8F000, 3360000, 6170000, 1F0000, C20000, 1EA5000, CB7000,
25F0000, CDB000, 2FD0000, D8B000, 44F0000, D1C000, D9D000, 23CC000, D30000, D08000,
1140000, 2AEA000, D5E000, D50000, 10F0000, 3560000, 3630000, CFA000, 33B0000, 33BA000,
3377000, D22000, 7B0000, CC0000, 2C50000, CB8000, D85000, 45D0000, AC0000, 7A0000,
C58000, D08000, AB0000, DB5000, 4FC0000, C25000, 1090000, D80000, 1160000, D02000,
2FE0000, B40000, C50000, 2F40000, 11E0000, B90000, 2970000, 2A10000, D97000

Not flagged, stack, page read and write (396 regions, in export order):
44AE000, 32DF000, AAE000, 49AE000, D2EF000, D7EF000, 716F000, 2BAE000, EAAF000, 5CAE000, 2F1B000, 9D2F000,
766F000, 2E1E000, C7EE000, 756E000, CCAF000, 47EF000, D0AE000, BDE000, 4AAF000, E1EF000, 432F000, DBEE000,
1E9E000, BB6E000, 2F1F000, 321D000, A5EF000, E32F000, 3BAE000, 85AE000, E4F000, 30DE000, 94AE000, D1EE000,
6F2E000, B7E000, 7F2F000, 31DE000, AEAF000, 446F000, 6C6F000, 9EAE000, 6EEF000, E4AE000, 5C6F000, C3EF000,
D96E000, 2F5E000, 331B000, CB6F000, 6DAF000, D32E000, 666E000, BA2E000, 4BEF000, DE2F000, 2BFF000, 80AE000,
496E000, BB2F000, A8AE000, 742E000, CE2E000, 345E000, DCEF000, 111E000, E0EE000, C2E000, 1AFE000, 63AF000,
556E000, 4AEE000, 253B000, 50EF000, 9AAF000, 82EF000, B8EE000, 576E000, 45EE000, 90EE000, ADAE000, 332E000,
4E6F000, 422E000, 36AF000, DA6F000, 62AE000, 4F6F000, 5DEE000, C16F000, E86E000, EFAF000, 3F6F000, DBAF000,
B12F000, B62F000, A4AF000, 8F6F000, 77AF000, ED2F000, 8BEE000, B3EE000, AD6F000, 9FEE000, E5EE000, 73D000,
AFD000, D46E000, CAD000, 562E000, 7CAF000, CF6E000, 104F000, 7BAE000, BEEF000, 33AE000, 309E000, 2D1E000,
C3E000, 436E000, 9C000, BF2E000, 372E000, CA6E000, 882E000, E0AF000, 1D9E000, C06E000, E46F000, 68AF000,
3E6E000, E82F000, 1D3F000, 572F000, 77EE000, B8AF000, C7AF000, 1ABE000, 2CDF000, 55AE000, EAF000, DFAE000,
EE6F000, E36E000, 46EF000, 19BD000, 9C2E000, 2CBE000, A22F000, A9AF000, 2E2E000, 9BEF000, AFEF000, EBEF000,
2DDF000, 2A1F000, B76F000, 2B5F000, 8BAF000, 586F000, 10AF000, 2B9E000, B3AF000, 291E000, 29BF000, D82E000,
2C9F000, F7F000, 922E000, C42E000, 53EF000, 652E000, C66F000, 277B000, 67AE000, DAAE000, E22E000, C56E000,
336F000, 9E6F000, 293E000, 341F000, 3A6F000, 9FAF000, 6B2F000, EAEE000, 6DEE000, 7B6F000, 8A6F000, E96F000,
63EE000, 87EF000, 2C3E000, A62E000, 36EE000, D92F000, 986E000, 51EF000, 8AAE000, 792E000, B2AE000, F4F000,
27BC000, C2EE000, E5AF000, B66E000, 936E000, 41EE000, 108E000, B26F000, EC2E000, 856F000, 35AE000, 96EF000,
3CEF000, 40AF000, 99AE000, 4FAE000, A86F000, 896E000, 319F000, 602F000, 5F2E000, 3BEE000, C92E000, 309B000,
68EE000, 932F000, 7CEE000, 702F000, 7FE000, CDEF000, F4F000, 45AF000, 7E2E000, BCE000, 2F5C000, 2CDE000,
7A6E000, 95AF000, 8FAE000, 376E000, C1AE000, 72AF000, C6AE000, 616F000, 5EEF000, CA2F000, A36F000, 72EE000,
392F000, 9C000, 73EF000, 257C000, 3E2F000, 37EE000, 305F000, E9AE000, 382E000, 5B6F000, 3D2E000, 982F000,
676F000, AC6E000, D6F000, 19D000, 5DAF000, A26E000, 52EF000, 34EF000, 752F000, 90AF000, 3FAE000, 8CEF000,
C2AF000, 9C000, A0EF000, DF6F000, 2F9E000, 492F000, A4EE000, C52F000, 2A5E000, 2F2F000, 706E000, 29FE000,
5A6F000, BDEE000, 19D000, 30DE000, 596F000, 1C3E000, 972E000, AC2F000, 946F000, B3E000, 806F000, 3B6F000,
B9EF000, 832E000, 552F000, 81EE000, 2F9D000, 542E000, EEAE000, CCEE000, B52E000, 842F000, DD2E000, 19D000,
D5AE000, A12E000, 2E1F000, B02E000, 2C7F000, BCAE000, 2E5E000, 69EF000, 78EF000, 31DE000, 8E6E000, 355F000,
A72F000, 55EE000, 86EE000, 1BFF000, D56F000, BBE000, 2B9F000, C8EF000, 2F5F000, 8D2E000, 4D2F000, 452F000,
BDAF000, 76AE000, 31DE000, 482E000, CBAE000, E6EF000, B4EF000, AAEF000, 81AF000, D6EE000, 2A5F000, B16E000,
4FEE000, 996F000, AEEE000, 6B6E000, 2DBF000, 4D6E000, 662F000, FAF000, E72E000, 64EF000, 8E2F000, 606E000,
2BDE000, A3AE000, 4C2E000, 95EE000, D6AF000, 7DEF000, 396E000, ED6E000, 6CAE000, 86AF000, D2F000, 9D6E000,
BC6F000, C02F000, B8E000, 6A2E000, 7A2F000, CF2F000, DE6E000, B7AE000, 7F6E000, 309E000, A9EE000, D06F000,
892F000, 846E000, 41AF000, A76E000, D1AF000, 9AEE000, AB2E000, D42F000, 71AE000, 91EF000, 331E000, 11BE000