Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
encrypter-win32.rar
|
RAR archive data, v5
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Desktop\encrypter-win32.rar"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\tcbbx44c.cen" "C:\Users\user\Desktop\encrypter-win32.rar"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
308F000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
129A000
|
trusted library allocation
|
page execute and read and write
|
||
|
310E000
|
trusted library allocation
|
page read and write
|
||
|
308A000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
306E000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
157E000
|
stack
|
page read and write
|
||
|
2F72000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
3074000
|
trusted library allocation
|
page read and write
|
||
|
30D9000
|
trusted library allocation
|
page read and write
|
||
|
3127000
|
trusted library allocation
|
page read and write
|
||
|
30AB000
|
trusted library allocation
|
page read and write
|
||
|
D95000
|
heap
|
page read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
12AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
307A000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
311F000
|
trusted library allocation
|
page read and write
|
||
|
30D3000
|
trusted library allocation
|
page read and write
|
||
|
30F2000
|
trusted library allocation
|
page read and write
|
||
|
30E1000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page execute and read and write
|
||
|
3138000
|
trusted library allocation
|
page read and write
|
||
|
307E000
|
trusted library allocation
|
page read and write
|
||
|
E9F000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page execute and read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
30CB000
|
trusted library allocation
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
30BA000
|
trusted library allocation
|
page read and write
|
||
|
3087000
|
trusted library allocation
|
page read and write
|
||
|
1262000
|
trusted library allocation
|
page execute and read and write
|
||
|
30FA000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
30DC000
|
trusted library allocation
|
page read and write
|
||
|
310B000
|
trusted library allocation
|
page read and write
|
||
|
3119000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
56FE000
|
stack
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
30A8000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
30EF000
|
trusted library allocation
|
page read and write
|
||
|
30F5000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
30EA000
|
trusted library allocation
|
page read and write
|
||
|
126A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FBC000
|
stack
|
page read and write
|
||
|
CFB000
|
stack
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
127C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3116000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
305C000
|
trusted library allocation
|
page read and write
|
||
|
9EC000
|
stack
|
page read and write
|
||
|
312D000
|
trusted library allocation
|
page read and write
|
||
|
3095000
|
trusted library allocation
|
page read and write
|
||
|
1272000
|
trusted library allocation
|
page execute and read and write
|
||
|
30CE000
|
trusted library allocation
|
page read and write
|
||
|
3124000
|
trusted library allocation
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
E2E000
|
heap
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
3132000
|
trusted library allocation
|
page read and write
|
||
|
309D000
|
trusted library allocation
|
page read and write
|
||
|
30E4000
|
trusted library allocation
|
page read and write
|
||
|
30B7000
|
trusted library allocation
|
page read and write
|
||
|
1292000
|
trusted library allocation
|
page execute and read and write
|
||
|
127A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3085000
|
heap
|
page read and write
|
||
|
3108000
|
trusted library allocation
|
page read and write
|
||
|
17CF000
|
stack
|
page read and write
|
||
|
4021000
|
trusted library allocation
|
page read and write
|
||
|
30BD000
|
trusted library allocation
|
page read and write
|
||
|
EA1000
|
heap
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
541A000
|
stack
|
page read and write
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
307C000
|
trusted library allocation
|
page read and write
|
||
|
30B2000
|
trusted library allocation
|
page read and write
|
||
|
153F000
|
stack
|
page read and write
|
||
|
15D8000
|
heap
|
page read and write
|
||
|
531D000
|
stack
|
page read and write
|
||
|
311C000
|
trusted library allocation
|
page read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
30E7000
|
trusted library allocation
|
page read and write
|
||
|
30A2000
|
trusted library allocation
|
page read and write
|
||
|
30D6000
|
trusted library allocation
|
page read and write
|
||
|
12FD000
|
stack
|
page read and write
|
||
|
7F7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3135000
|
trusted library allocation
|
page read and write
|
||
|
3097000
|
trusted library allocation
|
page read and write
|
||
|
3092000
|
trusted library allocation
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
30FD000
|
trusted library allocation
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
30C8000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
312A000
|
trusted library allocation
|
page read and write
|
||
|
12A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
3103000
|
trusted library allocation
|
page read and write
|
||
|
3111000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
30C5000
|
trusted library allocation
|
page read and write
|
There are 110 hidden memdumps, click here to show them.