Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
2293139_Files_20241007105542_2293139_Files_tutorial8_v4.0 (1).zip
|
Zip archive data, at least v4.5 to extract, compression method=deflate
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Desktop\2293139_Files_20241007105542_2293139_Files_tutorial8_v4.0 (1).zip"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\ff5owwsh.bgr" "C:\Users\user\Desktop\2293139_Files_20241007105542_2293139_Files_tutorial8_v4.0
(1).zip"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
E4E000
|
stack
|
page read and write
|
||
|
3598000
|
trusted library allocation
|
page read and write
|
||
|
16B6000
|
heap
|
page read and write
|
||
|
165A000
|
heap
|
page read and write
|
||
|
3572000
|
trusted library allocation
|
page read and write
|
||
|
35C2000
|
trusted library allocation
|
page read and write
|
||
|
580D000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
35FA000
|
trusted library allocation
|
page read and write
|
||
|
35E6000
|
trusted library allocation
|
page read and write
|
||
|
356D000
|
trusted library allocation
|
page read and write
|
||
|
3610000
|
trusted library allocation
|
page read and write
|
||
|
1890000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
F4F000
|
stack
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
1522000
|
trusted library allocation
|
page execute and read and write
|
||
|
35BF000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
35E1000
|
trusted library allocation
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
F1C000
|
stack
|
page read and write
|
||
|
3608000
|
trusted library allocation
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
3589000
|
trusted library allocation
|
page read and write
|
||
|
5C2F000
|
stack
|
page read and write
|
||
|
99D000
|
stack
|
page read and write
|
||
|
157B000
|
trusted library allocation
|
page execute and read and write
|
||
|
155A000
|
trusted library allocation
|
page execute and read and write
|
||
|
359E000
|
trusted library allocation
|
page read and write
|
||
|
3605000
|
trusted library allocation
|
page read and write
|
||
|
56AE000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
355E000
|
trusted library allocation
|
page read and write
|
||
|
188E000
|
stack
|
page read and write
|
||
|
89C000
|
stack
|
page read and write
|
||
|
35DE000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
35E9000
|
trusted library allocation
|
page read and write
|
||
|
35DB000
|
trusted library allocation
|
page read and write
|
||
|
35B7000
|
trusted library allocation
|
page read and write
|
||
|
570E000
|
stack
|
page read and write
|
||
|
2885000
|
heap
|
page read and write
|
||
|
4511000
|
trusted library allocation
|
page read and write
|
||
|
3616000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page execute and read and write
|
||
|
18A0000
|
heap
|
page read and write
|
||
|
1577000
|
trusted library allocation
|
page execute and read and write
|
||
|
14F5000
|
heap
|
page read and write
|
||
|
7FA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1512000
|
trusted library allocation
|
page execute and read and write
|
||
|
165E000
|
heap
|
page read and write
|
||
|
35FD000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
35B4000
|
trusted library allocation
|
page read and write
|
||
|
1A20000
|
heap
|
page read and write
|
||
|
168D000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
3511000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
151A000
|
trusted library allocation
|
page execute and read and write
|
||
|
35CD000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
354C000
|
trusted library allocation
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
354E000
|
trusted library allocation
|
page read and write
|
||
|
360B000
|
trusted library allocation
|
page read and write
|
||
|
1676000
|
heap
|
page read and write
|
||
|
184E000
|
stack
|
page read and write
|
||
|
C38000
|
heap
|
page read and write
|
||
|
359B000
|
trusted library allocation
|
page read and write
|
||
|
3575000
|
trusted library allocation
|
page read and write
|
||
|
35EF000
|
trusted library allocation
|
page read and write
|
||
|
3556000
|
trusted library allocation
|
page read and write
|
||
|
35A9000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
19B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
35AC000
|
trusted library allocation
|
page read and write
|
||
|
3586000
|
trusted library allocation
|
page read and write
|
||
|
3602000
|
trusted library allocation
|
page read and write
|
||
|
35B1000
|
trusted library allocation
|
page read and write
|
||
|
35EC000
|
trusted library allocation
|
page read and write
|
||
|
35D8000
|
trusted library allocation
|
page read and write
|
||
|
3590000
|
trusted library allocation
|
page read and write
|
||
|
35A3000
|
trusted library allocation
|
page read and write
|
||
|
35F7000
|
trusted library allocation
|
page read and write
|
||
|
3613000
|
trusted library allocation
|
page read and write
|
||
|
35D3000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
35A6000
|
trusted library allocation
|
page read and write
|
||
|
35BA000
|
trusted library allocation
|
page read and write
|
||
|
16C2000
|
heap
|
page read and write
|
||
|
35C5000
|
trusted library allocation
|
page read and write
|
||
|
5B2E000
|
stack
|
page read and write
|
||
|
3580000
|
trusted library allocation
|
page read and write
|
||
|
1552000
|
trusted library allocation
|
page execute and read and write
|
||
|
152C000
|
trusted library allocation
|
page execute and read and write
|
||
|
35D0000
|
trusted library allocation
|
page read and write
|
||
|
3567000
|
trusted library allocation
|
page read and write
|
||
|
3595000
|
trusted library allocation
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
F8E000
|
stack
|
page read and write
|
||
|
3545000
|
trusted library allocation
|
page read and write
|
||
|
35F4000
|
trusted library allocation
|
page read and write
|
||
|
152A000
|
trusted library allocation
|
page execute and read and write
|
There are 101 hidden memdumps, click here to show them.