Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RuntimeBrooker.exe
|
"C:\Users\user\Desktop\RuntimeBrooker.exe"
|
 |
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl0
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://crl.chambersign.org/chambersroot.crl0
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.accv.es/legislacion_c.htm0U
|
unknown
|
||
|
https://wwww.certigna.fr/autorites/0m
|
unknown
|
||
|
http://ocsp.accv.es0
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersroot.html0
|
unknown
|
||
|
http://crl.dhimyotis.com/certignarootca.crl0
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
|
unknown
|
||
|
http://www.chambersign.org1
|
unknown
|
||
|
http://www.firmaprofesional.com/cps0
|
unknown
|
||
|
http://repository.swisssign.com/0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
https://enigmaprotector.com/taggant/spv.crl0
|
unknown
|
||
|
http://crl.securetrust.com/SGCA.crl0
|
unknown
|
||
|
https://api.iproyal.com/https://api6.my-ip.io/ipidna:
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl0
|
unknown
|
||
|
https://enigmaprotector.com/taggant/user.crl0
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://www.catcert.net/verarrel
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://crl.chambersign.org/chambersignroot.crl0
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl0
|
unknown
|
||
|
https://www.catcert.net/verarrel05
|
unknown
|
||
|
http://crl.certigna.fr/certignarootca.crl01
|
unknown
|
||
|
http://www.accv.es00
|
unknown
|
||
|
http://www.cert.fnmt.es/dpcs/0
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersignroot.html0
|
unknown
|
||
|
http://policy.camerfirma.com0
|
unknown
|
There are 27 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
C00011A000
|
direct allocation
|
page read and write
|
||
|
C000020000
|
direct allocation
|
page read and write
|
||
|
B01000
|
unkown
|
page execute and write copy
|
||
|
28A5000
|
unkown
|
page execute and read and write
|
||
|
1EEE7E10000
|
heap
|
page read and write
|
||
|
1EEE8630000
|
heap
|
page read and write
|
||
|
239B5FF000
|
stack
|
page read and write
|
||
|
1EEE7D4D000
|
direct allocation
|
page read and write
|
||
|
28A2000
|
unkown
|
page execute and write copy
|
||
|
B73000
|
unkown
|
page execute and write copy
|
||
|
C00010E000
|
direct allocation
|
page read and write
|
||
|
C000100000
|
direct allocation
|
page read and write
|
||
|
C000114000
|
direct allocation
|
page read and write
|
||
|
23995F9000
|
stack
|
page read and write
|
||
|
1EEE7D40000
|
trusted library allocation
|
page read and write
|
||
|
1F3F000
|
unkown
|
page execute and read and write
|
||
|
C000018000
|
direct allocation
|
page read and write
|
||
|
C000110000
|
direct allocation
|
page read and write
|
||
|
239A1FE000
|
stack
|
page read and write
|
||
|
239A9FF000
|
stack
|
page read and write
|
||
|
C000023000
|
direct allocation
|
page read and write
|
||
|
85F000
|
unkown
|
page read and write
|
||
|
4E9000
|
unkown
|
page execute and write copy
|
||
|
1F0000
|
unkown
|
page readonly
|
||
|
C000126000
|
direct allocation
|
page read and write
|
||
|
895000
|
unkown
|
page execute and write copy
|
||
|
1EEE92D1000
|
heap
|
page read and write
|
||
|
1EEE92D0000
|
heap
|
page read and write
|
||
|
1EEE876C000
|
heap
|
page read and write
|
||
|
C00015C000
|
direct allocation
|
page read and write
|
||
|
1EEE7DD0000
|
direct allocation
|
page read and write
|
||
|
1EEE8770000
|
heap
|
page read and write
|
||
|
289D000
|
unkown
|
page execute and read and write
|
||
|
1EEE6260000
|
heap
|
page read and write
|
||
|
1EEE7EB0000
|
heap
|
page read and write
|
||
|
CA6000
|
unkown
|
page execute and read and write
|
||
|
1EEE86F0000
|
heap
|
page read and write
|
||
|
C000012000
|
direct allocation
|
page read and write
|
||
|
C00003A000
|
direct allocation
|
page read and write
|
||
|
C000073000
|
direct allocation
|
page read and write
|
||
|
C00014E000
|
direct allocation
|
page read and write
|
||
|
1EEE85F0000
|
heap
|
page read and write
|
||
|
C000158000
|
direct allocation
|
page read and write
|
||
|
1F1000
|
unkown
|
page execute read
|
||
|
C000038000
|
direct allocation
|
page read and write
|
||
|
23999FE000
|
stack
|
page read and write
|
||
|
C000000000
|
direct allocation
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
7C7000
|
unkown
|
page read and write
|
||
|
7FFE22010000
|
direct allocation
|
page execute and read and write
|
||
|
1EEE7EC0000
|
heap
|
page read and write
|
||
|
C00013C000
|
direct allocation
|
page read and write
|
||
|
C000033000
|
direct allocation
|
page read and write
|
||
|
C00007C000
|
direct allocation
|
page read and write
|
||
|
4E9000
|
unkown
|
page readonly
|
||
|
2399DFE000
|
stack
|
page read and write
|
||
|
B73000
|
unkown
|
page execute and write copy
|
||
|
1EEE7F30000
|
heap
|
page read and write
|
||
|
C000108000
|
direct allocation
|
page read and write
|
||
|
1EEE7EA0000
|
heap
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
CE2000
|
unkown
|
page execute and read and write
|
||
|
1EEE7D40000
|
direct allocation
|
page read and write
|
||
|
239A5FF000
|
stack
|
page read and write
|
||
|
7FF44BD00000
|
direct allocation
|
page execute and read and write
|
||
|
1EEE8230000
|
heap
|
page read and write
|
||
|
CB9000
|
unkown
|
page execute and read and write
|
||
|
C00004C000
|
direct allocation
|
page read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
C000010000
|
direct allocation
|
page read and write
|
||
|
1EEE7DA0000
|
direct allocation
|
page read and write
|
||
|
1EEE92DD000
|
heap
|
page read and write
|
||
|
1EEE6220000
|
heap
|
page read and write
|
||
|
C00005A000
|
direct allocation
|
page read and write
|
||
|
1EEE62C9000
|
heap
|
page read and write
|
||
|
C00005E000
|
direct allocation
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
C00007E000
|
direct allocation
|
page read and write
|
||
|
895000
|
unkown
|
page readonly
|
||
|
239B1FF000
|
stack
|
page read and write
|
||
|
1EEE7D49000
|
direct allocation
|
page read and write
|
||
|
7C7000
|
unkown
|
page execute and write copy
|
||
|
1EEE6280000
|
heap
|
page read and write
|
||
|
C000046000
|
direct allocation
|
page read and write
|
||
|
1EEE7D44000
|
direct allocation
|
page read and write
|
||
|
C00001E000
|
direct allocation
|
page read and write
|
||
|
C000078000
|
direct allocation
|
page read and write
|
||
|
1EEE8730000
|
heap
|
page read and write
|
||
|
1EEE6285000
|
heap
|
page read and write
|
||
|
C000156000
|
direct allocation
|
page read and write
|
||
|
1EEE92D0000
|
heap
|
page read and write
|
||
|
1EEE8F00000
|
heap
|
page read and write
|
||
|
B74000
|
unkown
|
page execute and read and write
|
||
|
C000070000
|
direct allocation
|
page read and write
|
||
|
C000112000
|
direct allocation
|
page read and write
|
||
|
1EEE87F0000
|
heap
|
page read and write
|
||
|
1EEE7DA8000
|
direct allocation
|
page read and write
|
||
|
C00001A000
|
direct allocation
|
page read and write
|
||
|
B01000
|
unkown
|
page readonly
|
||
|
C000150000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
unkown
|
page readonly
|
||
|
92E000
|
unkown
|
page readonly
|
||
|
CB4000
|
unkown
|
page execute and read and write
|
||
|
C00012E000
|
direct allocation
|
page read and write
|
||
|
C00002E000
|
direct allocation
|
page read and write
|
||
|
88D000
|
unkown
|
page read and write
|
||
|
1EEE62C0000
|
heap
|
page read and write
|
||
|
1EEE7DC0000
|
direct allocation
|
page read and write
|
||
|
1F1000
|
unkown
|
page execute and write copy
|
||
|
C000035000
|
direct allocation
|
page read and write
|
||
|
239ADFF000
|
stack
|
page read and write
|
||
|
C000120000
|
direct allocation
|
page read and write
|
||
|
28A5000
|
unkown
|
page execute and write copy
|
||
|
C000014000
|
direct allocation
|
page read and write
|
||
|
1EEE7E20000
|
direct allocation
|
page read and write
|
||
|
C000138000
|
direct allocation
|
page read and write
|
||
|
C00014A000
|
direct allocation
|
page read and write
|
||
|
CB1000
|
unkown
|
page execute and read and write
|
||
|
1EEE6230000
|
heap
|
page read and write
|
||
|
1EEE86B0000
|
heap
|
page read and write
|
||
|
1EEE92D4000
|
heap
|
page read and write
|
||
|
C00010C000
|
direct allocation
|
page read and write
|
||
|
1EEE62CC000
|
heap
|
page read and write
|
||
|
C000054000
|
direct allocation
|
page read and write
|
||
|
1EEE7D40000
|
trusted library allocation
|
page read and write
|
||
|
1EEE8030000
|
heap
|
page read and write
|
||
|
865000
|
unkown
|
page read and write
|
||
|
1EEE8761000
|
heap
|
page read and write
|
||
|
C000043000
|
direct allocation
|
page read and write
|
||
|
C00006C000
|
direct allocation
|
page read and write
|
||
|
DE5000
|
unkown
|
page execute and read and write
|
||
|
1EEE7FB0000
|
heap
|
page read and write
|
There are 122 hidden memdumps, click here to show them.