Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost. com/api/file/get?filekey=-Vhw3lRB7wp2pCwvhye9Eah9nvGJ4uDAFKNwyrxo9HBjGiAO-qy2GjH99JRHFCrP4Ke2izY5Yg&track=uQ7fLSYn' > cmdline.out 2>&1
Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P 'C:\Users\user\Desktop\download' -no-check-certificate -content-disposition -user-agent='Mozilla/5.0 (Windows NT 6.1 WOW64 Trident/7.0 AS rv:11.0) like Gecko' 'https://3008.
Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
File read: C:\Windows\System32\drivers\etc\hosts
Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6468:120:WilError_01
Source: C:\Windows\System32\conhost.exe
Network traffic detected: HTTP traffic on port 49738 -> 443
Classification label: clean0.win
files inside the user directory
File created: C:\Users\user\Desktop\cmdline.
Network traffic detected: HTTP traffic on port 443 -> 49738
Network traffic detected: HTTP traffic on port 49740 -> 443
Network traffic detected: HTTP traffic on port 49741 -> 443
Network traffic detected: HTTP traffic on port 443 -> 49740
Network traffic detected: HTTP traffic on port 443 -> 49741
String found in binary or memory: w.googletagmanager.com/ns.html?id=GTM-PF75NR
String found in binary or memory: w.googletagmanager.com/gtm.js?id=GTM-PF75NR
String found in binary or memory: w.google.com/recaptcha/api.js?onload=_onRecaptchaLoad&render=explicit
String found in binary or memory: w.filemail.
String found in binary or memory: dget.intercom.io/widget/p41r18ox
String found in binary or memory: pport.file
String found in binary or memory: odo.com/CPS0
String found in binary or memory: nts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjxAwXjeu.woff2)
String found in binary or memory: nts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXg.woff2)
String found in binary or memory: l.email/uQ7fLSYn0
String found in binary or memory: l.email/uQ7fLSYn
String found in binary or memory: n.branch.io/branch-latest.min.
String found in binary or memory: 08.filemail.com/api/file/get?filekey=-Vhw3lRB7wp2pCwvhye9Eah9nvGJ4uDAFKNwyrxo9HBjGiAO-qy2G
String found in binary or memory: p.comodoca.
com/COMODORSADomainValidationSecureServerCA.crlN4W
com/COMODORSADomainValidationSecureServerCA.crl0
com/COMODORSADomainValidationSecureServerCA.crl
com/COMODORSACertificationAuthority.crlGB1
com/COMODORSACertificationAuthority.crl0 q
com/COMODORSACertificationAuthority.crl
DNS traffic detected: queries for: 3008.fi