Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
NUtec_FS01_2024-04-19_07_41_35.191.zip
|
Zip archive data, at least v4.5 to extract, compression method=deflate
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Desktop\NUtec_FS01_2024-04-19_07_41_35.191.zip"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\ysvq5c1x.zkp" "C:\Users\user\Desktop\NUtec_FS01_2024-04-19_07_41_35.191.zip"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
C82000
|
trusted library allocation
|
page execute and read and write
|
||
|
534E000
|
stack
|
page read and write
|
||
|
2E7E000
|
trusted library allocation
|
page read and write
|
||
|
2E73000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
2E92000
|
trusted library allocation
|
page read and write
|
||
|
BFD000
|
stack
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
2E76000
|
trusted library allocation
|
page read and write
|
||
|
CDB000
|
trusted library allocation
|
page execute and read and write
|
||
|
DD2000
|
heap
|
page read and write
|
||
|
DA9000
|
heap
|
page read and write
|
||
|
2E39000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
2E65000
|
trusted library allocation
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
CA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
2E2E000
|
trusted library allocation
|
page read and write
|
||
|
2EC1000
|
trusted library allocation
|
page read and write
|
||
|
2CE5000
|
heap
|
page read and write
|
||
|
2ED2000
|
trusted library allocation
|
page read and write
|
||
|
2EDD000
|
trusted library allocation
|
page read and write
|
||
|
2EBE000
|
trusted library allocation
|
page read and write
|
||
|
2E9A000
|
trusted library allocation
|
page read and write
|
||
|
544F000
|
stack
|
page read and write
|
||
|
7EE30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
AFC000
|
stack
|
page read and write
|
||
|
2E0C000
|
trusted library allocation
|
page read and write
|
||
|
2E97000
|
trusted library allocation
|
page read and write
|
||
|
AFB000
|
stack
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
C8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EB6000
|
trusted library allocation
|
page read and write
|
||
|
2EA8000
|
trusted library allocation
|
page read and write
|
||
|
2E5E000
|
trusted library allocation
|
page read and write
|
||
|
2ED5000
|
trusted library allocation
|
page read and write
|
||
|
2E47000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E31000
|
trusted library allocation
|
page read and write
|
||
|
D95000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
CD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E7B000
|
trusted library allocation
|
page read and write
|
||
|
2EDA000
|
trusted library allocation
|
page read and write
|
||
|
D8F000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
2ECC000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
2E57000
|
trusted library allocation
|
page read and write
|
||
|
2E4C000
|
trusted library allocation
|
page read and write
|
||
|
CC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
2E4A000
|
trusted library allocation
|
page read and write
|
||
|
CAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DD1000
|
trusted library allocation
|
page read and write
|
||
|
2E3F000
|
trusted library allocation
|
page read and write
|
||
|
2E84000
|
trusted library allocation
|
page read and write
|
||
|
2E8C000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
2ECF000
|
trusted library allocation
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
D5A000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
2EF1000
|
trusted library allocation
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
2EEE000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
CCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E9D000
|
trusted library allocation
|
page read and write
|
||
|
2EE8000
|
trusted library allocation
|
page read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
2EB3000
|
trusted library allocation
|
page read and write
|
||
|
2E3C000
|
trusted library allocation
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
502D000
|
stack
|
page read and write
|
||
|
72C000
|
stack
|
page read and write
|
||
|
2EAB000
|
trusted library allocation
|
page read and write
|
||
|
2E18000
|
trusted library allocation
|
page read and write
|
||
|
2EC4000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
2DD1000
|
trusted library allocation
|
page read and write
|
||
|
2E8F000
|
trusted library allocation
|
page read and write
|
||
|
2EE3000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
11AF000
|
stack
|
page read and write
|
||
|
2E26000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
2E0E000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
2EB9000
|
trusted library allocation
|
page read and write
|
||
|
FEE000
|
stack
|
page read and write
|
||
|
2EEB000
|
trusted library allocation
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
4F2E000
|
stack
|
page read and write
|
||
|
2EA5000
|
trusted library allocation
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
2E44000
|
trusted library allocation
|
page read and write
|
||
|
2E52000
|
trusted library allocation
|
page read and write
|
||
|
D9E000
|
heap
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
CAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
143F000
|
stack
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
heap
|
page execute and read and write
|
||
|
2EC7000
|
trusted library allocation
|
page read and write
|
||
|
2E89000
|
trusted library allocation
|
page read and write
|
There are 109 hidden memdumps, click here to show them.