Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
mydoc.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Desktop\mydoc.zip"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\pk3m1tos.mei" "C:\Users\user\Desktop\mydoc.zip"
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22E000
|
heap
|
page read and write
|
||
|
25A1000
|
trusted library allocation
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
253C000
|
trusted library allocation
|
page read and write
|
||
|
2596000
|
trusted library allocation
|
page read and write
|
||
|
4C9E000
|
stack
|
page read and write
|
||
|
12C000
|
stack
|
page read and write
|
||
|
2507000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
2545000
|
trusted library allocation
|
page read and write
|
||
|
1A0000
|
trusted library allocation
|
page read and write
|
||
|
256F000
|
trusted library allocation
|
page read and write
|
||
|
24F9000
|
trusted library allocation
|
page read and write
|
||
|
A0000
|
heap
|
page read and write
|
||
|
2A0000
|
heap
|
page read and write
|
||
|
2529000
|
trusted library allocation
|
page read and write
|
||
|
F9E000
|
stack
|
page read and write
|
||
|
747000
|
heap
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
462F000
|
stack
|
page read and write
|
||
|
2569000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
252E000
|
trusted library allocation
|
page read and write
|
||
|
2526000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
stack
|
page read and write
|
||
|
4AE000
|
stack
|
page read and write
|
||
|
1AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
15D000
|
heap
|
page read and write
|
||
|
2582000
|
trusted library allocation
|
page read and write
|
||
|
250000
|
trusted library allocation
|
page read and write
|
||
|
251A000
|
trusted library allocation
|
page read and write
|
||
|
256C000
|
trusted library allocation
|
page read and write
|
||
|
234000
|
heap
|
page read and write
|
||
|
2517000
|
trusted library allocation
|
page read and write
|
||
|
2550000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
24B1000
|
trusted library allocation
|
page read and write
|
||
|
24FF000
|
trusted library allocation
|
page read and write
|
||
|
2558000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
253F000
|
trusted library allocation
|
page read and write
|
||
|
2553000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page execute and read and write
|
||
|
24F2000
|
trusted library allocation
|
page read and write
|
||
|
2577000
|
trusted library allocation
|
page read and write
|
||
|
2512000
|
trusted library allocation
|
page read and write
|
||
|
130000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
4C0000
|
trusted library allocation
|
page read and write
|
||
|
254D000
|
trusted library allocation
|
page read and write
|
||
|
257A000
|
trusted library allocation
|
page read and write
|
||
|
44FE000
|
stack
|
page read and write
|
||
|
1E4000
|
heap
|
page read and write
|
||
|
2542000
|
trusted library allocation
|
page read and write
|
||
|
24CA000
|
trusted library allocation
|
page read and write
|
||
|
1A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
24D2000
|
trusted library allocation
|
page read and write
|
||
|
2588000
|
trusted library allocation
|
page read and write
|
||
|
237000
|
heap
|
page read and write
|
||
|
257D000
|
trusted library allocation
|
page read and write
|
||
|
255B000
|
trusted library allocation
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
462E000
|
stack
|
page read and write | page guard
|
||
|
259B000
|
trusted library allocation
|
page read and write
|
||
|
C0F000
|
stack
|
page read and write
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
2504000
|
trusted library allocation
|
page read and write
|
||
|
2574000
|
trusted library allocation
|
page read and write
|
||
|
250A000
|
trusted library allocation
|
page read and write
|
||
|
2531000
|
trusted library allocation
|
page read and write
|
||
|
2585000
|
trusted library allocation
|
page read and write
|
||
|
219F000
|
stack
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
254A000
|
trusted library allocation
|
page read and write
|
||
|
2534000
|
trusted library allocation
|
page read and write
|
||
|
41D000
|
stack
|
page read and write
|
||
|
3EB000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
7EF50000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A4000
|
trusted library allocation
|
page read and write
|
||
|
2CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
250C000
|
trusted library allocation
|
page read and write
|
||
|
2566000
|
trusted library allocation
|
page read and write
|
||
|
152000
|
trusted library allocation
|
page execute and read and write
|
||
|
2561000
|
trusted library allocation
|
page read and write
|
||
|
2D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A6000
|
heap
|
page read and write
|
||
|
2537000
|
trusted library allocation
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
20C000
|
heap
|
page read and write
|
||
|
4A3D000
|
stack
|
page read and write
|
||
|
3E6000
|
stack
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
1AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
255E000
|
trusted library allocation
|
page read and write
|
||
|
2523000
|
trusted library allocation
|
page read and write
|
||
|
2593000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
heap
|
page execute and read and write
|
||
|
1C7000
|
heap
|
page read and write
|
||
|
15A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
258B000
|
trusted library allocation
|
page read and write
|
||
|
34B1000
|
trusted library allocation
|
page read and write
|
||
|
1F8000
|
heap
|
page read and write
|
||
|
24C2000
|
trusted library allocation
|
page read and write
|
||
|
259E000
|
trusted library allocation
|
page read and write
|
There are 100 hidden memdumps, click here to show them.