Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
Unicode text, UTF-8 text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\Downloads\DETALLE DE ACTUACI.N JUDICIAL RAD.05000312110120220006501.zip.crdownload (copy)
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\Downloads\c3927b69-e6ed-4616-98de-ad31d2b75efd.tmp
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
Chrome Cache Entry: 43
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 44
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
downloaded
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2008,i,16838366109820561835,7760331261309575191,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://docs.google.com/uc?export=download&id=1rG5XITnDsiVQCEMAfg1Ex3pDcYxrlv0N"
|
||
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Downloads\DETALLE DE ACTUACI N JUDICIAL RAD.05000312110120220006501.zip"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\czhdehiw.vs4" "C:\Users\user\Downloads\DETALLE
DE ACTUACI N JUDICIAL RAD.05000312110120220006501.zip"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Downloads\DETALLE DE ACTUACI N JUDICIAL RAD.05000312110120220006501.zip"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\ep1rt3ix.njb" "C:\Users\user\Downloads\DETALLE
DE ACTUACI N JUDICIAL RAD.05000312110120220006501.zip"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
docs.google.com
|
142.250.181.238
|
||
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
drive.usercontent.google.com
|
172.217.16.193
|
||
|
www.google.com
|
142.250.185.100
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.7
|
unknown
|
unknown
|
||
|
142.250.185.100
|
www.google.com
|
United States
|
||
|
192.168.2.6
|
unknown
|
unknown
|
||
|
142.250.181.238
|
docs.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
172.217.16.193
|
drive.usercontent.google.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
BEE000
|
heap
|
page read and write
|
||
|
24BF000
|
stack
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
BC6000
|
heap
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
2866000
|
trusted library allocation
|
page read and write
|
||
|
4AFD000
|
stack
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
104A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F390000
|
trusted library allocation
|
page execute and read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
4FEE000
|
stack
|
page read and write
|
||
|
A3F000
|
stack
|
page read and write
|
||
|
7FC000
|
stack
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
2E27000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
2E7D000
|
trusted library allocation
|
page read and write
|
||
|
7F620000
|
trusted library allocation
|
page execute and read and write
|
||
|
DBC000
|
stack
|
page read and write
|
||
|
1052000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
2DD1000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
E5C000
|
stack
|
page read and write
|
||
|
286A000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
555000
|
heap
|
page read and write
|
||
|
EAF000
|
stack
|
page read and write
|
||
|
2E2D000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
C45000
|
heap
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
1270000
|
heap
|
page execute and read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
58B000
|
heap
|
page read and write
|
||
|
550E000
|
stack
|
page read and write
|
||
|
50ED000
|
stack
|
page read and write
|
||
|
13EF000
|
stack
|
page read and write
|
||
|
598000
|
heap
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
A4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
288A000
|
trusted library allocation
|
page read and write
|
||
|
EBD000
|
stack
|
page read and write
|
||
|
2E69000
|
trusted library allocation
|
page read and write
|
||
|
2858000
|
trusted library allocation
|
page read and write
|
||
|
4FB000
|
stack
|
page read and write
|
||
|
53E000
|
heap
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
162F000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page execute and read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
11F8000
|
heap
|
page read and write
|
||
|
2E6C000
|
trusted library allocation
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
2801000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
528000
|
heap
|
page read and write
|
||
|
12F8000
|
heap
|
page read and write
|
||
|
2E18000
|
trusted library allocation
|
page read and write
|
||
|
A87000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DD1000
|
trusted library allocation
|
page read and write
|
||
|
2863000
|
trusted library allocation
|
page read and write
|
||
|
2E32000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
49BD000
|
stack
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
2E8B000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
107A000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C9E000
|
stack
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
A6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
BEB000
|
heap
|
page read and write
|
||
|
2E35000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E72000
|
trusted library allocation
|
page read and write
|
||
|
285B000
|
trusted library allocation
|
page read and write
|
||
|
A42000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
2E94000
|
trusted library allocation
|
page read and write
|
||
|
C1F000
|
heap
|
page read and write
|
||
|
4BFA000
|
stack
|
page read and write
|
||
|
286D000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
trusted library allocation
|
page read and write
|
||
|
14EF000
|
stack
|
page read and write
|
||
|
283E000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
2E8E000
|
trusted library allocation
|
page read and write
|
||
|
2E91000
|
trusted library allocation
|
page read and write
|
||
|
2E67000
|
trusted library allocation
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
512D000
|
stack
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
14EF000
|
stack
|
page read and write
|
||
|
3801000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
C54000
|
heap
|
page read and write
|
||
|
A7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1227000
|
trusted library allocation
|
page execute and read and write
|
||
|
2876000
|
trusted library allocation
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
A52000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
2E7A000
|
trusted library allocation
|
page read and write
|
||
|
11AE000
|
stack
|
page read and write
|
||
|
4F9000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2E83000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
C06000
|
heap
|
page read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
56A000
|
heap
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
106A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E78000
|
trusted library allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
2853000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
2E53000
|
trusted library allocation
|
page read and write
|
||
|
2873000
|
trusted library allocation
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
59E000
|
heap
|
page read and write
|
||
|
1050000
|
trusted library allocation
|
page read and write
|
||
|
2830000
|
trusted library allocation
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
2848000
|
trusted library allocation
|
page read and write
|
||
|
4D9E000
|
stack
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
55C000
|
heap
|
page read and write
|
||
|
53CE000
|
stack
|
page read and write
|
||
|
A72000
|
trusted library allocation
|
page execute and read and write
|
||
|
109D000
|
stack
|
page read and write
|
||
|
A8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1072000
|
trusted library allocation
|
page execute and read and write
|
||
|
105A000
|
trusted library allocation
|
page execute and read and write
|
||
|
283C000
|
trusted library allocation
|
page read and write
|
||
|
12D0000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
284E000
|
trusted library allocation
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
2E6F000
|
trusted library allocation
|
page read and write
|
||
|
2E0C000
|
trusted library allocation
|
page read and write
|
||
|
48FE000
|
stack
|
page read and write
|
||
|
522A000
|
stack
|
page read and write
|
||
|
2E0E000
|
trusted library allocation
|
page read and write
|
||
|
1CC000
|
stack
|
page read and write
|
||
|
105C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E46000
|
trusted library allocation
|
page read and write
|
||
|
101F000
|
stack
|
page read and write
|
||
|
A5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
122B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC5000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
2E05000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
1042000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ABD000
|
stack
|
page read and write
|
There are 177 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://drive.usercontent.google.com/download?id=1rG5XITnDsiVQCEMAfg1Ex3pDcYxrlv0N&export=download
|
 |