Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
GGFILE01_2024-07-04_18_29_24.505.zip
|
Zip archive data, at least v4.5 to extract, compression method=deflate
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Desktop\GGFILE01_2024-07-04_18_29_24.505.zip"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\mcj5kn1u.0vm" "C:\Users\user\Desktop\GGFILE01_2024-07-04_18_29_24.505.zip"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F7E000
|
stack
|
page read and write
|
||
|
2CF5000
|
trusted library allocation
|
page read and write
|
||
|
E8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
936000
|
stack
|
page read and write
|
||
|
2CAF000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
E9F000
|
stack
|
page read and write
|
||
|
EBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CD3000
|
trusted library allocation
|
page read and write
|
||
|
2C1D000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
trusted library allocation
|
page read and write
|
||
|
975000
|
heap
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
2C77000
|
trusted library allocation
|
page read and write
|
||
|
2CC8000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
2CD6000
|
trusted library allocation
|
page read and write
|
||
|
ECB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C3C000
|
trusted library allocation
|
page read and write
|
||
|
2C34000
|
trusted library allocation
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
2CB4000
|
trusted library allocation
|
page read and write
|
||
|
2C93000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
2C7F000
|
trusted library allocation
|
page read and write
|
||
|
2C71000
|
trusted library allocation
|
page read and write
|
||
|
2C82000
|
trusted library allocation
|
page read and write
|
||
|
2C74000
|
trusted library allocation
|
page read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
A26000
|
heap
|
page read and write
|
||
|
2C4F000
|
trusted library allocation
|
page read and write
|
||
|
2CF2000
|
trusted library allocation
|
page read and write
|
||
|
2CBA000
|
trusted library allocation
|
page read and write
|
||
|
2C2A000
|
trusted library allocation
|
page read and write
|
||
|
2CA9000
|
trusted library allocation
|
page read and write
|
||
|
2CA6000
|
trusted library allocation
|
page read and write
|
||
|
2CD9000
|
trusted library allocation
|
page read and write
|
||
|
2CA1000
|
trusted library allocation
|
page read and write
|
||
|
9BE000
|
heap
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
2CBD000
|
trusted library allocation
|
page read and write
|
||
|
2C47000
|
trusted library allocation
|
page read and write
|
||
|
2CB7000
|
trusted library allocation
|
page read and write
|
||
|
2C2E000
|
trusted library allocation
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
2C4A000
|
trusted library allocation
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
EB2000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CE1000
|
trusted library allocation
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
A18000
|
heap
|
page read and write
|
||
|
2C57000
|
trusted library allocation
|
page read and write
|
||
|
2915000
|
heap
|
page read and write
|
||
|
E82000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C7C000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
2CEF000
|
trusted library allocation
|
page read and write
|
||
|
2C31000
|
trusted library allocation
|
page read and write
|
||
|
2C9E000
|
trusted library allocation
|
page read and write
|
||
|
E9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
2C3F000
|
trusted library allocation
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
2C8D000
|
trusted library allocation
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
2CCB000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
2C25000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
CA8000
|
heap
|
page read and write
|
||
|
2C36000
|
trusted library allocation
|
page read and write
|
||
|
2C98000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
E90000
|
trusted library allocation
|
page read and write
|
||
|
2C16000
|
trusted library allocation
|
page read and write
|
||
|
2CC2000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
2C00000
|
trusted library allocation
|
page read and write
|
||
|
2C8A000
|
trusted library allocation
|
page read and write
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
2C85000
|
trusted library allocation
|
page read and write
|
||
|
F9F000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
A22000
|
heap
|
page read and write
|
||
|
E92000
|
trusted library allocation
|
page execute and read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
2C9B000
|
trusted library allocation
|
page read and write
|
||
|
2CC5000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
2CE4000
|
trusted library allocation
|
page read and write
|
||
|
7F400000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BD1000
|
trusted library allocation
|
page read and write
|
||
|
2C5A000
|
trusted library allocation
|
page read and write
|
||
|
3BD1000
|
trusted library allocation
|
page read and write
|
||
|
9BA000
|
heap
|
page read and write
|
||
|
939000
|
stack
|
page read and write
|
||
|
E9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
2CEC000
|
trusted library allocation
|
page read and write
|
||
|
7FD000
|
stack
|
page read and write
|
||
|
EC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page execute and read and write
|
||
|
2CE7000
|
trusted library allocation
|
page read and write
|
||
|
93B000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
9ED000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
2CAC000
|
trusted library allocation
|
page read and write
|
There are 107 hidden memdumps, click here to show them.