IOC Report
ET6LdJaK54.dll


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| ET6LdJaK54.dll | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | initial sample | malicious |
| C:\WINDOWS\qeriuwjhrf (copy) | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | malicious |
| C:\Windows\tasksche.exe | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | malicious |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\ET6LdJaK54.dll,PlayGame | malicious |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\ET6LdJaK54.dll",#1 | malicious |
| C:\Windows\mssecsvc.exe | C:\WINDOWS\mssecsvc.exe | malicious |
| C:\Windows\mssecsvc.exe | C:\WINDOWS\mssecsvc.exe -m security | malicious |
| C:\Windows\tasksche.exe | C:\WINDOWS\tasksche.exe /i | malicious |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\ET6LdJaK54.dll",PlayGame | malicious |
| C:\Windows\mssecsvc.exe | C:\WINDOWS\mssecsvc.exe | malicious |
| C:\Windows\tasksche.exe | C:\WINDOWS\tasksche.exe /i | malicious |
| C:\Windows\System32\loaddll32.exe | loaddll32.exe "C:\Users\user\Desktop\ET6LdJaK54.dll" | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\SysWOW64\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\ET6LdJaK54.dll",#1 | |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | unknown | |
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/s | unknown | |
| https://www.kryptoslogic.com | unknown | |
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/ | 104.16.167.228 | |
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/L | unknown | |
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/(3 | unknown | |
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com9B | unknown | |
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comiA | unknown | |
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/YCN | unknown | |
| http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comJ | unknown | |

Domains

| Name | IP | Malicious |
|---|---|---|
| www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | 104.16.167.228 | |

IPs


Memdumps
