Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Proforma Invoice - Order Confirmation S0167655778 - MLS39876 -20242404 (2).pdf.rar
|
RAR archive data, flags: EncryptedBlockHeader
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Desktop\Proforma Invoice - Order Confirmation S0167655778 - MLS39876
-20242404 (2).pdf.rar"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\ggxzk2fq.upc" "C:\Users\user\Desktop\Proforma
Invoice - Order Confirmation S0167655778 - MLS39876 -20242404 (2).pdf.rar"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2962000
|
trusted library allocation
|
page read and write
|
||
|
2968000
|
trusted library allocation
|
page read and write
|
||
|
A15000
|
heap
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
28E5000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page execute and read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
2938000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
982000
|
trusted library allocation
|
page execute and read and write
|
||
|
291F000
|
trusted library allocation
|
page read and write
|
||
|
294C000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
297E000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
292A000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
4DBF000
|
stack
|
page read and write
|
||
|
296D000
|
trusted library allocation
|
page read and write
|
||
|
3EC000
|
stack
|
page read and write
|
||
|
295F000
|
trusted library allocation
|
page read and write
|
||
|
AA0000
|
trusted library allocation
|
page read and write
|
||
|
297B000
|
trusted library allocation
|
page read and write
|
||
|
2914000
|
trusted library allocation
|
page read and write
|
||
|
2949000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page execute and read and write
|
||
|
28CD000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
2543000
|
heap
|
page read and write
|
||
|
AA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
3881000
|
trusted library allocation
|
page read and write
|
||
|
2903000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
2911000
|
trusted library allocation
|
page read and write
|
||
|
2965000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
293B000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
559000
|
stack
|
page read and write
|
||
|
2954000
|
trusted library allocation
|
page read and write
|
||
|
2957000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
290E000
|
trusted library allocation
|
page read and write
|
||
|
28DD000
|
trusted library allocation
|
page read and write
|
||
|
292D000
|
trusted library allocation
|
page read and write
|
||
|
28FB000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
A38000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
ADB000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
28DA000
|
trusted library allocation
|
page read and write
|
||
|
28EF000
|
trusted library allocation
|
page read and write
|
||
|
497E000
|
stack
|
page read and write
|
||
|
28F8000
|
trusted library allocation
|
page read and write
|
||
|
2973000
|
trusted library allocation
|
page read and write
|
||
|
5B5000
|
heap
|
page read and write
|
||
|
98A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2881000
|
trusted library allocation
|
page read and write
|
||
|
AD7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
28D5000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
2933000
|
trusted library allocation
|
page read and write
|
||
|
295A000
|
trusted library allocation
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
293E000
|
trusted library allocation
|
page read and write
|
||
|
AAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
646000
|
heap
|
page read and write
|
||
|
294F000
|
trusted library allocation
|
page read and write
|
||
|
28F5000
|
trusted library allocation
|
page read and write
|
||
|
291C000
|
trusted library allocation
|
page read and write
|
||
|
2909000
|
trusted library allocation
|
page read and write
|
||
|
556000
|
stack
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
AAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
2946000
|
trusted library allocation
|
page read and write
|
||
|
2543000
|
heap
|
page read and write
|
||
|
664000
|
heap
|
page read and write
|
||
|
2922000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
6AB000
|
heap
|
page read and write
|
||
|
62E000
|
heap
|
page read and write
|
||
|
28E8000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
stack
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
28EC000
|
trusted library allocation
|
page read and write
|
||
|
2941000
|
trusted library allocation
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
28C7000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2976000
|
trusted library allocation
|
page read and write
|
||
|
2925000
|
trusted library allocation
|
page read and write
|
||
|
7FC30000
|
trusted library allocation
|
page execute and read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
2900000
|
trusted library allocation
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
2906000
|
trusted library allocation
|
page read and write
|
||
|
62B000
|
heap
|
page read and write
|
||
|
ACA000
|
trusted library allocation
|
page execute and read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
2917000
|
trusted library allocation
|
page read and write
|
There are 101 hidden memdumps, click here to show them.