Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Downloads\dstrootcax3.p7c (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\dstrootcax3.p7c.crdownload
|
data
|
dropped
|
||
|
Chrome Cache Entry: 41
|
data
|
downloaded
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=2028,i,2520908069897258098,759006925928828793,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://apps.identrust.com/roots/dstrootcax3.p7c"
|
||
|
C:\Program Files\Windows Mail\wab.exe
|
"C:\Program Files\Windows Mail\wab.exe" /certificate "C:\Users\user\Downloads\dstrootcax3.p7c"
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.google.com
|
74.125.136.104
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
74.125.136.104
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
269D7D20000
|
heap
|
page read and write
|
||
|
269D7B68000
|
heap
|
page read and write
|
||
|
269D9510000
|
heap
|
page read and write
|
||
|
8C1DFFF000
|
stack
|
page read and write
|
||
|
269D7AE0000
|
heap
|
page read and write
|
||
|
269D7B80000
|
heap
|
page read and write
|
||
|
269D9514000
|
heap
|
page read and write
|
||
|
269D7B65000
|
heap
|
page read and write
|
||
|
269D7B10000
|
trusted library allocation
|
page read and write
|
||
|
269D7B5B000
|
heap
|
page read and write
|
||
|
269D7D25000
|
heap
|
page read and write
|
||
|
269D7B64000
|
heap
|
page read and write
|
||
|
269D7B38000
|
heap
|
page read and write
|
||
|
269D7B56000
|
heap
|
page read and write
|
||
|
269D9830000
|
heap
|
page read and write
|
||
|
269D79E0000
|
heap
|
page read and write
|
||
|
8C1E07E000
|
stack
|
page read and write
|
||
|
269D7B30000
|
heap
|
page read and write
|
||
|
269D7B6A000
|
heap
|
page read and write
|
||
|
269D7B65000
|
heap
|
page read and write
|
||
|
8C1DE79000
|
stack
|
page read and write
|
||
|
269D7B6E000
|
heap
|
page read and write
|
||
|
269D7B60000
|
heap
|
page read and write
|
||
|
8C1DF7E000
|
stack
|
page read and write
|
||
|
269D7B78000
|
heap
|
page read and write
|
||
|
269D7AC0000
|
heap
|
page read and write
|
||
|
269D9660000
|
heap
|
page read and write
|
||
|
8C1DEFE000
|
stack
|
page read and write
|
||
|
269D7B89000
|
heap
|
page read and write
|
||
|
269D7B6B000
|
heap
|
page read and write
|
||
|
269D7B6A000
|
heap
|
page read and write
|
||
|
269D7B64000
|
heap
|
page read and write
|
||
|
269D7B6E000
|
heap
|
page read and write
|
||
|
269D7B6A000
|
heap
|
page read and write
|
There are 24 hidden memdumps, click here to show them.