IOC Report
94g4KHMj9B.exe

Files

File Path
Type
Category
Malicious
94g4KHMj9B.exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
initial sample
malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_94g4KHMj9B.exe_b6575ed36de09c438bf01f2cf3bd5adabbee862_0e460935_81992edc-86d8-4977-93f6-000aff44c863\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
malicious
C:\ProgramData\Microsoft\Windows\WER\Temp\WER112E.tmp.dmp
Mini DuMP crash report, 15 streams, Mon Dec 23 06:31:02 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1296.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER12D5.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\94g4KHMj9B.exe
"C:\Users\user\Desktop\94g4KHMj9B.exe"
malicious
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3272 -s 1136

URLs

Name
IP
Malicious
https://curl.se/docs/hsts.html
unknown
http://html4/loose.dtd
unknown
http://home.fivetk5ht.top/zldPR
unknown
http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv1734579851http://home.fivetk5ht.top/zldPRFrmVFHTtKntGp
unknown
https://httpbin.org/ipbefore
unknown
https://curl.se/docs/http-cookies.html
unknown
http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv1734579851
unknown
http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv17345798516963
unknown
http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv17
unknown
http://upx.sf.net
unknown
https://curl.se/docs/alt-svc.html
unknown
http://.css
unknown
http://.jpg
unknown
https://httpbin.org/ip
34.226.108.155
http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv1734579851fff::3
unknown

Domains

Name
IP
Malicious
httpbin.org
34.226.108.155
home.fivetk5ht.top
unknown

IPs

IP
Domain
Country
Malicious
34.226.108.155
httpbin.org
United States

Registry

Path
Value
Malicious
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
ProgramId
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
FileId
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
LowerCaseLongPath
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
LongPathHash
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
Name
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
OriginalFileName
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
Publisher
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
Version
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
BinFileVersion
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
BinaryType
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
ProductName
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
ProductVersion
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
LinkDate
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
BinProductVersion
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
AppxPackageFullName
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
AppxPackageRelativeId
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
Size
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
Language
\REGISTRY\A\{08e0b0bf-2d36-c380-3431-4c67cac4d09f}\Root\InventoryApplicationFile\94g4khmj9b.exe|16e716521a909bce
Usn

Memdumps

Base Address
Regiontype
Protect
Malicious