Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RuntimeBrooker.exe
|
"C:\Users\user\Desktop\RuntimeBrooker.exe"
|
 |
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl0
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://crl.chambersign.org/chambersroot.crl0
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.accv.es/legislacion_c.htm0U
|
unknown
|
||
|
https://wwww.certigna.fr/autorites/0m
|
unknown
|
||
|
http://ocsp.accv.es0
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersroot.html0
|
unknown
|
||
|
http://crl.dhimyotis.com/certignarootca.crl0
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
|
unknown
|
||
|
http://www.chambersign.org1
|
unknown
|
||
|
http://www.firmaprofesional.com/cps0
|
unknown
|
||
|
http://repository.swisssign.com/0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
https://enigmaprotector.com/taggant/spv.crl0
|
unknown
|
||
|
http://crl.securetrust.com/SGCA.crl0
|
unknown
|
||
|
https://api.iproyal.com/https://api6.my-ip.io/ipidna:
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl0
|
unknown
|
||
|
https://enigmaprotector.com/taggant/user.crl0
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://www.catcert.net/verarrel
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://crl.chambersign.org/chambersignroot.crl0
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl0
|
unknown
|
||
|
https://www.catcert.net/verarrel05
|
unknown
|
||
|
http://crl.certigna.fr/certignarootca.crl01
|
unknown
|
||
|
http://www.accv.es00
|
unknown
|
||
|
http://www.cert.fnmt.es/dpcs/0
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersignroot.html0
|
unknown
|
||
|
http://policy.camerfirma.com0
|
unknown
|
There are 27 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1B5F9DB5000
|
heap
|
page read and write
|
||
|
1B5FA090000
|
heap
|
page read and write
|
||
|
C000158000
|
direct allocation
|
page read and write
|
||
|
B14000
|
unkown
|
page execute and read and write
|
||
|
835000
|
unkown
|
page readonly
|
||
|
1B5F9F30000
|
trusted library allocation
|
page read and write
|
||
|
1B5F85E0000
|
heap
|
page read and write
|
||
|
C000126000
|
direct allocation
|
page read and write
|
||
|
191000
|
unkown
|
page execute and write copy
|
||
|
1B5FA0A0000
|
heap
|
page read and write
|
||
|
1B5F9F30000
|
direct allocation
|
page read and write
|
||
|
1B5FA8D2000
|
heap
|
page read and write
|
||
|
1B5FA6D0000
|
heap
|
page read and write
|
||
|
C00010C000
|
direct allocation
|
page read and write
|
||
|
1B5FA110000
|
heap
|
page read and write
|
||
|
1B5F9F30000
|
trusted library allocation
|
page read and write
|
||
|
767000
|
unkown
|
page execute and write copy
|
||
|
C00005E000
|
direct allocation
|
page read and write
|
||
|
C000023000
|
direct allocation
|
page read and write
|
||
|
2845000
|
unkown
|
page execute and write copy
|
||
|
1BA71FF000
|
stack
|
page read and write
|
||
|
1B5FA310000
|
heap
|
page read and write
|
||
|
767000
|
unkown
|
page read and write
|
||
|
1B5FB25F000
|
heap
|
page read and write
|
||
|
1B5FB254000
|
heap
|
page read and write
|
||
|
C00007E000
|
direct allocation
|
page read and write
|
||
|
C51000
|
unkown
|
page execute and read and write
|
||
|
1B5F9F90000
|
direct allocation
|
page read and write
|
||
|
C000046000
|
direct allocation
|
page read and write
|
||
|
1B5FA7D0000
|
heap
|
page read and write
|
||
|
C000100000
|
direct allocation
|
page read and write
|
||
|
C000054000
|
direct allocation
|
page read and write
|
||
|
1B5F9DB0000
|
heap
|
page read and write
|
||
|
C00007C000
|
direct allocation
|
page read and write
|
||
|
C00005A000
|
direct allocation
|
page read and write
|
||
|
C82000
|
unkown
|
page execute and read and write
|
||
|
C000150000
|
direct allocation
|
page read and write
|
||
|
1B5FFC50000
|
direct allocation
|
page read and write
|
||
|
C000110000
|
direct allocation
|
page read and write
|
||
|
1B5F9FE0000
|
heap
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
1EDF000
|
unkown
|
page execute and read and write
|
||
|
C000010000
|
direct allocation
|
page read and write
|
||
|
1B5F83E9000
|
heap
|
page read and write
|
||
|
1B5FA790000
|
heap
|
page read and write
|
||
|
C59000
|
unkown
|
page execute and read and write
|
||
|
AA1000
|
unkown
|
page readonly
|
||
|
B13000
|
unkown
|
page execute and write copy
|
||
|
191000
|
unkown
|
page execute read
|
||
|
C00001A000
|
direct allocation
|
page read and write
|
||
|
835000
|
unkown
|
page execute and write copy
|
||
|
C00010E000
|
direct allocation
|
page read and write
|
||
|
1BA75FF000
|
stack
|
page read and write
|
||
|
C000012000
|
direct allocation
|
page read and write
|
||
|
C000070000
|
direct allocation
|
page read and write
|
||
|
8CE000
|
unkown
|
page readonly
|
||
|
1B5F83E0000
|
heap
|
page read and write
|
||
|
C00002E000
|
direct allocation
|
page read and write
|
||
|
1B5FB25C000
|
heap
|
page read and write
|
||
|
1BA81FF000
|
stack
|
page read and write
|
||
|
1B5FA080000
|
heap
|
page read and write
|
||
|
1B5F9DE0000
|
heap
|
page read and write
|
||
|
1BA6DF9000
|
stack
|
page read and write
|
||
|
C000112000
|
direct allocation
|
page read and write
|
||
|
7FF8C7010000
|
direct allocation
|
page execute and read and write
|
||
|
C000000000
|
direct allocation
|
page read and write
|
||
|
1B5FB252000
|
heap
|
page read and write
|
||
|
C000156000
|
direct allocation
|
page read and write
|
||
|
C000014000
|
direct allocation
|
page read and write
|
||
|
C000033000
|
direct allocation
|
page read and write
|
||
|
B13000
|
unkown
|
page execute and write copy
|
||
|
1B5FA84C000
|
heap
|
page read and write
|
||
|
1BA8DFE000
|
stack
|
page read and write
|
||
|
AA1000
|
unkown
|
page execute and write copy
|
||
|
D85000
|
unkown
|
page execute and read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
1B5F9F3D000
|
direct allocation
|
page read and write
|
||
|
2845000
|
unkown
|
page execute and read and write
|
||
|
1BA7DFF000
|
stack
|
page read and write
|
||
|
82D000
|
unkown
|
page read and write
|
||
|
C000114000
|
direct allocation
|
page read and write
|
||
|
7FF000
|
unkown
|
page read and write
|
||
|
C000035000
|
direct allocation
|
page read and write
|
||
|
1B5FA710000
|
heap
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
1B5F9E60000
|
heap
|
page read and write
|
||
|
C00014E000
|
direct allocation
|
page read and write
|
||
|
1B5F8300000
|
heap
|
page read and write
|
||
|
C000108000
|
direct allocation
|
page read and write
|
||
|
283D000
|
unkown
|
page execute and read and write
|
||
|
1BA85FE000
|
stack
|
page read and write
|
||
|
1B5F9EF0000
|
heap
|
page read and write
|
||
|
1B5F83EC000
|
heap
|
page read and write
|
||
|
1B5FA810000
|
heap
|
page read and write
|
||
|
C00014A000
|
direct allocation
|
page read and write
|
||
|
C000038000
|
direct allocation
|
page read and write
|
||
|
C54000
|
unkown
|
page execute and read and write
|
||
|
1B5FA850000
|
heap
|
page read and write
|
||
|
C00001E000
|
direct allocation
|
page read and write
|
||
|
2842000
|
unkown
|
page execute and write copy
|
||
|
1BA89FF000
|
stack
|
page read and write
|
||
|
C46000
|
unkown
|
page execute and read and write
|
||
|
C00003A000
|
direct allocation
|
page read and write
|
||
|
489000
|
unkown
|
page readonly
|
||
|
7FF4B0E60000
|
direct allocation
|
page execute and read and write
|
||
|
C000120000
|
direct allocation
|
page read and write
|
||
|
1B5F9F98000
|
direct allocation
|
page read and write
|
||
|
489000
|
unkown
|
page execute and write copy
|
||
|
C000043000
|
direct allocation
|
page read and write
|
||
|
C000078000
|
direct allocation
|
page read and write
|
||
|
1B5FA841000
|
heap
|
page read and write
|
||
|
C00015C000
|
direct allocation
|
page read and write
|
||
|
C00006C000
|
direct allocation
|
page read and write
|
||
|
1B5F9F39000
|
direct allocation
|
page read and write
|
||
|
C00013C000
|
direct allocation
|
page read and write
|
||
|
C000020000
|
direct allocation
|
page read and write
|
||
|
1B5FB25C000
|
heap
|
page read and write
|
||
|
1BA79FF000
|
stack
|
page read and write
|
||
|
1B5F9FB0000
|
direct allocation
|
page read and write
|
||
|
C00012E000
|
direct allocation
|
page read and write
|
||
|
C00004C000
|
direct allocation
|
page read and write
|
||
|
C000073000
|
direct allocation
|
page read and write
|
||
|
1B5F9FC0000
|
direct allocation
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
1B5F9DC0000
|
heap
|
page read and write
|
||
|
805000
|
unkown
|
page read and write
|
||
|
C000018000
|
direct allocation
|
page read and write
|
||
|
190000
|
unkown
|
page readonly
|
||
|
C00011A000
|
direct allocation
|
page read and write
|
||
|
C000138000
|
direct allocation
|
page read and write
|
||
|
1B5F9F34000
|
direct allocation
|
page read and write
|
There are 122 hidden memdumps, click here to show them.