IOC Report
batch file malware.bat.txt

loading gifProcessesURLsMemdumps20102Label

Processes

Path
Cmdline
Malicious
C:\Windows\System32\notepad.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\batch file malware.bat.txt

URLs

Name
IP
Malicious
https://umpmfss.top/files/files/Amount.zip?da05d1c18e22cab98c
unknown

Memdumps

Base Address
Regiontype
Protect
Malicious
Download
26469A50000
heap
page read and write
2646B430000
heap
page read and write
26469990000
heap
page read and write
26469A7B000
heap
page read and write
2646B41C000
heap
page read and write
2646B603000
heap
page read and write
8B07C78000
stack
page read and write
26469A80000
heap
page read and write
26469A96000
heap
page read and write
26469A78000
heap
page read and write
26469A48000
heap
page read and write
26469A72000
heap
page read and write
2646DB60000
heap
page read and write
2646B600000
heap
page read and write
2646D360000
trusted library allocation
page read and write
26469A40000
heap
page read and write
26469950000
heap
page read and write
26469ABB000
heap
page read and write
8B07DFD000
stack
page read and write
8B07EFF000
stack
page read and write
2646B410000
heap
page read and write
26469A7F000
heap
page read and write
2646B415000
heap
page read and write
26469A7B000
heap
page read and write
26469870000
heap
page read and write
2646B310000
trusted library allocation
page read and write
There are 16 hidden memdumps, click here to show them.