Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.PWSX-gen.15779.29510.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.PWSX-gen.15779.29510.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_9d37165d566cda7f9f5226822267a83bf9f9dc0_2c478989_8cf7d0dd-4bb6-4915-b0e9-ec34a2b367be\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREDFB.tmp.dmp
|
Mini DuMP crash report, 14 streams, Fri Nov 1 07:24:09 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREE4A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREE89.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.15779.29510.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.15779.29510.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.15779.29510.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.15779.29510.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 7796 -s 200
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
ProgramId
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
FileId
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
LongPathHash
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
Name
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
OriginalFileName
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
Publisher
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
Version
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
BinFileVersion
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
BinaryType
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
ProductName
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
ProductVersion
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
LinkDate
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
BinProductVersion
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
Size
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
Language
|
||
|
\REGISTRY\A\{04384833-2694-8c16-cdd7-cc0ee6018f2d}\Root\InventoryApplicationFile\securiteinfo.com|d1d3270275505380
|
Usn
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
301C000
|
stack
|
page read and write
|
||
|
60D0000
|
heap
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
56BB000
|
trusted library allocation
|
page read and write
|
||
|
814E000
|
stack
|
page read and write
|
||
|
521C000
|
stack
|
page read and write
|
||
|
746F000
|
stack
|
page read and write
|
||
|
3070000
|
heap
|
page execute and read and write
|
||
|
313B000
|
trusted library allocation
|
page read and write
|
||
|
166F000
|
stack
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
3041000
|
trusted library allocation
|
page read and write
|
||
|
1819000
|
direct allocation
|
page execute and read and write
|
||
|
78C2000
|
trusted library allocation
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
D0C000
|
stack
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
1353000
|
trusted library allocation
|
page execute and read and write
|
||
|
137E000
|
heap
|
page read and write
|
||
|
5760000
|
heap
|
page read and write
|
||
|
16C3000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
60C0000
|
heap
|
page read and write
|
||
|
71C0000
|
heap
|
page read and write
|
||
|
302B000
|
trusted library allocation
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
304D000
|
trusted library allocation
|
page read and write
|
||
|
D92000
|
unkown
|
page readonly
|
||
|
5750000
|
heap
|
page read and write
|
||
|
1672000
|
trusted library allocation
|
page read and write
|
||
|
EC5E000
|
stack
|
page read and write
|
||
|
1682000
|
trusted library allocation
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
19B6000
|
direct allocation
|
page execute and read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
CC8000
|
unkown
|
page readonly
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
16D7000
|
heap
|
page read and write
|
||
|
5740000
|
trusted library section
|
page readonly
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
1137000
|
stack
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
4081000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
heap
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
1363000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
1676000
|
trusted library allocation
|
page execute and read and write
|
||
|
71CE000
|
heap
|
page read and write
|
||
|
1687000
|
trusted library allocation
|
page execute and read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
13A4000
|
heap
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
5600000
|
trusted library allocation
|
page execute and read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
7FAA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB1E000
|
stack
|
page read and write
|
||
|
168B000
|
trusted library allocation
|
page execute and read and write
|
||
|
137A000
|
heap
|
page read and write
|
||
|
19BD000
|
direct allocation
|
page execute and read and write
|
||
|
EB5E000
|
stack
|
page read and write
|
||
|
13DA000
|
heap
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
573B000
|
stack
|
page read and write
|
||
|
804E000
|
stack
|
page read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
1397000
|
heap
|
page read and write
|
||
|
142B000
|
heap
|
page read and write
|
||
|
19A1000
|
direct allocation
|
page execute and read and write
|
||
|
74D2000
|
heap
|
page read and write
|
||
|
7490000
|
heap
|
page read and write
|
||
|
56EB000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
768E000
|
stack
|
page read and write
|
||
|
1354000
|
trusted library allocation
|
page read and write
|
||
|
77B6000
|
trusted library allocation
|
page read and write
|
||
|
C92000
|
unkown
|
page readonly
|
||
|
4089000
|
trusted library allocation
|
page read and write
|
||
|
5575000
|
trusted library allocation
|
page read and write
|
||
|
74A8000
|
heap
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
5790000
|
heap
|
page execute and read and write
|
||
|
32EC000
|
trusted library allocation
|
page read and write
|
||
|
11ED000
|
stack
|
page read and write
|
||
|
188E000
|
direct allocation
|
page execute and read and write
|
||
|
13B2000
|
heap
|
page read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
167A000
|
trusted library allocation
|
page execute and read and write
|
||
|
77B0000
|
trusted library allocation
|
page read and write
|
||
|
48DB000
|
trusted library allocation
|
page read and write
|
||
|
C90000
|
unkown
|
page readonly
|
||
|
303E000
|
trusted library allocation
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
778F000
|
stack
|
page read and write
|
||
|
5A75000
|
heap
|
page read and write
|
||
|
135D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
5A2E000
|
stack
|
page read and write
|
||
|
16F0000
|
direct allocation
|
page execute and read and write
|
||
|
5770000
|
trusted library allocation
|
page execute and read and write
|
||
|
818E000
|
stack
|
page read and write
|
||
|
136D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
1A38000
|
direct allocation
|
page execute and read and write
|
||
|
56B2000
|
trusted library allocation
|
page read and write
|
||
|
40C6000
|
trusted library allocation
|
page read and write
|
||
|
103A000
|
stack
|
page read and write
|
||
|
7F80000
|
trusted library section
|
page read and write
|
||
|
5088000
|
trusted library allocation
|
page read and write
|
||
|
74AC000
|
heap
|
page read and write
|
||
|
181D000
|
direct allocation
|
page execute and read and write
|
||
|
3046000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
trusted library allocation
|
page read and write
|
||
|
5A70000
|
heap
|
page read and write
|
||
|
736E000
|
stack
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
3081000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page execute and read and write
|
There are 126 hidden memdumps, click here to show them.