Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| file.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | |
| Chrome Cache Entry: 62 | ASCII text, with very long lines (553) | downloaded | |
| Chrome Cache Entry: 63 | MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 64 | Web Open Font Format (Version 2), TrueType, length 52280, version 1.0 | downloaded | |
| Chrome Cache Entry: 65 | ASCII text, with no line terminators | downloaded | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\file.exe | "C:\Users\user\Desktop\file.exe" | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --app="https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --start-fullscreen --no-first-run --disable-session-crashed-bubble --disable-features=CrashRecovery | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2012,i,1735080414500895824,7393849833326395272,262144 --disable-features=CrashRecovery /prefetch:8 | |
URLs

| Name | IP | Malicious |
|---|---|---|
| https://accounts.google | unknown | |
| https://apis.google.com/js/api.js | unknown | |
| https://www.google.com/favicon.ico | 142.250.184.196 | |
| https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url= | unknown | |
Domains

| Name | IP | Malicious |
|---|---|---|
| youtube-ui.l.google.com | 142.250.185.174 | |
| www.google.com | 142.250.184.196 | |
| youtube.com | 142.250.186.110 | |
| www.youtube.com | unknown | |
| 86.23.85.13.in-addr.arpa | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 142.250.184.196 | www.google.com | United States | |
| 192.168.2.4 | unknown | unknown | |
| 239.255.255.250 | unknown | Reserved | |
| 142.250.185.174 | youtube-ui.l.google.com | United States | |
| 142.250.186.110 | youtube.com | United States | |
Memdumps