Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
YGPRDS01_2024-04-26_03_35_12.538 (1).zip
|
Zip archive data, at least v4.5 to extract, compression method=deflate
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\unarchiver.exe
|
"C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Desktop\YGPRDS01_2024-04-26_03_35_12.538 (1).zip"
|
||
|
C:\Windows\SysWOW64\7za.exe
|
"C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\ai20ytml.mne" "C:\Users\user\Desktop\YGPRDS01_2024-04-26_03_35_12.538
(1).zip"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2942000
|
trusted library allocation
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
7D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
2926000
|
trusted library allocation
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
290F000
|
trusted library allocation
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
7C2000
|
trusted library allocation
|
page execute and read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
28C1000
|
trusted library allocation
|
page read and write
|
||
|
7A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2860000
|
trusted library allocation
|
page read and write
|
||
|
2918000
|
trusted library allocation
|
page read and write
|
||
|
888000
|
heap
|
page read and write
|
||
|
2876000
|
trusted library allocation
|
page read and write
|
||
|
292B000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
trusted library allocation
|
page read and write
|
||
|
C8F000
|
stack
|
page read and write
|
||
|
28E8000
|
trusted library allocation
|
page read and write
|
||
|
288D000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
7CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
28F1000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
792000
|
trusted library allocation
|
page execute and read and write
|
||
|
287A000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
4A1E000
|
stack
|
page read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
2915000
|
trusted library allocation
|
page read and write
|
||
|
4B1D000
|
stack
|
page read and write
|
||
|
536000
|
stack
|
page read and write
|
||
|
28A6000
|
trusted library allocation
|
page read and write
|
||
|
2912000
|
trusted library allocation
|
page read and write
|
||
|
290A000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
2885000
|
trusted library allocation
|
page read and write
|
||
|
291D000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
7AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2904000
|
trusted library allocation
|
page read and write
|
||
|
28F9000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
28F6000
|
trusted library allocation
|
page read and write
|
||
|
287D000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
28B3000
|
trusted library allocation
|
page read and write
|
||
|
28AE000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
28A3000
|
trusted library allocation
|
page read and write
|
||
|
7DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
28EB000
|
trusted library allocation
|
page read and write
|
||
|
2878000
|
trusted library allocation
|
page read and write
|
||
|
2931000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page execute and read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
2882000
|
trusted library allocation
|
page read and write
|
||
|
2895000
|
trusted library allocation
|
page read and write
|
||
|
79A000
|
trusted library allocation
|
page execute and read and write
|
||
|
28DD000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
83D000
|
stack
|
page read and write
|
||
|
28D2000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
trusted library allocation
|
page read and write
|
||
|
68C000
|
stack
|
page read and write
|
||
|
28FC000
|
trusted library allocation
|
page read and write
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
2934000
|
trusted library allocation
|
page read and write
|
||
|
4F3E000
|
stack
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
7F6B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
735000
|
heap
|
page read and write
|
||
|
81A000
|
heap
|
page read and write
|
||
|
28C4000
|
trusted library allocation
|
page read and write
|
||
|
539000
|
stack
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
28DA000
|
trusted library allocation
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
2898000
|
trusted library allocation
|
page read and write
|
||
|
293F000
|
trusted library allocation
|
page read and write
|
||
|
286E000
|
trusted library allocation
|
page read and write
|
||
|
2920000
|
trusted library allocation
|
page read and write
|
||
|
28EE000
|
trusted library allocation
|
page read and write
|
||
|
2923000
|
trusted library allocation
|
page read and write
|
||
|
495E000
|
stack
|
page read and write
|
||
|
2939000
|
trusted library allocation
|
page read and write
|
||
|
3821000
|
trusted library allocation
|
page read and write
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
28CF000
|
trusted library allocation
|
page read and write
|
||
|
2821000
|
trusted library allocation
|
page read and write
|
||
|
28B9000
|
trusted library allocation
|
page read and write
|
||
|
28D5000
|
trusted library allocation
|
page read and write
|
||
|
84E000
|
heap
|
page read and write
|
||
|
293C000
|
trusted library allocation
|
page read and write
|
||
|
25E5000
|
heap
|
page read and write
|
||
|
28E3000
|
trusted library allocation
|
page read and write
|
||
|
28CC000
|
trusted library allocation
|
page read and write
|
||
|
2907000
|
trusted library allocation
|
page read and write
|
||
|
D8F000
|
stack
|
page read and write
|
||
|
485E000
|
stack
|
page read and write
|
||
|
28C7000
|
trusted library allocation
|
page read and write
|
||
|
28BE000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
292E000
|
trusted library allocation
|
page read and write
|
||
|
4E3E000
|
stack
|
page read and write
|
||
|
78D000
|
stack
|
page read and write
|
||
|
43C000
|
stack
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
8C0000
|
trusted library allocation
|
page read and write
|
There are 106 hidden memdumps, click here to show them.