IOC Report
flsqHAiH9d8PzK6.exe


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| flsqHAiH9d8PzK6.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | malicious |
| C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\flsqHAiH9d8PzK6.exe.log | CSV text | dropped | malicious |
| C:\Users\user\AppData\Local\Temp\checker.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | malicious |
| C:\Users\user\AppData\Local\flsqHAiH9d8PzK6.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped | malicious |
| C:\Users\user\AppData\Local\flsqHAiH9d8PzK6.exe:Zone.Identifier | ASCII text, with CRLF line terminators | dropped | malicious |
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_flsqHAiH9d8PzK6._4a4933229d4ec7060e7844c8b3dbaa55ace66_4e956dbf_3141c4e9-eaee-4030-9bdb-a6304fa6d365\Report.wer | Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped | |
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_flsqHAiH9d8PzK6._4a4933229d4ec7060e7844c8b3dbaa55ace66_4e956dbf_4aad84fe-d5ff-4819-a478-fe1d1f77909f\Report.wer | Unknown | dropped | |
| C:\ProgramData\Microsoft\Windows\WER\Temp\WER390F.tmp.dmp | Mini DuMP crash report, 15 streams, Wed Mar 26 17:49:04 2025, 0x1205a4 type | dropped | |
| C:\ProgramData\Microsoft\Windows\WER\Temp\WER3A49.tmp.WERInternalMetadata.xml | XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators | dropped | |
| C:\ProgramData\Microsoft\Windows\WER\Temp\WER3A88.tmp.xml | XML 1.0 document, ASCII text, with CRLF line terminators | dropped | |
| C:\ProgramData\Microsoft\Windows\WER\Temp\WER7AEB.tmp.dmp | Unknown | dropped | |
| C:\ProgramData\Microsoft\Windows\WER\Temp\WER7BD6.tmp.WERInternalMetadata.xml | Unknown | dropped | |
| C:\ProgramData\Microsoft\Windows\WER\Temp\WER7C35.tmp.xml | Unknown | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\flsqHAiH9d8PzK6.exe | "C:\Users\user\Desktop\flsqHAiH9d8PzK6.exe" | malicious |
| C:\Users\user\Desktop\flsqHAiH9d8PzK6.exe | "C:\Users\user\Desktop\flsqHAiH9d8PzK6.exe" | malicious |
| C:\Users\user\AppData\Local\flsqHAiH9d8PzK6.exe | "C:\Users\user\AppData\Local\flsqHAiH9d8PzK6.exe" | malicious |
| C:\Users\user\AppData\Local\Temp\checker.exe | "C:\Users\user\AppData\Local\Temp\checker.exe" | malicious |
| C:\Users\user\AppData\Local\flsqHAiH9d8PzK6.exe | "C:\Users\user\AppData\Local\flsqHAiH9d8PzK6.exe" | malicious |
| C:\Users\user\AppData\Local\Temp\checker.exe | "C:\Users\user\AppData\Local\Temp\checker.exe" | malicious |
| C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\WerFault.exe -u -p 8688 -s 1144 | |
| C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\WerFault.exe -u -p 4480 -s 1112 | |

URLs

Name
IP
Malicious
term-infrastructure.gl.at.ply.gg
malicious
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown

Domains

| Name | IP | Malicious |
|---|---|---|
| term-infrastructure.gl.at.ply.gg | 147.185.221.26 | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 147.185.221.26 | term-infrastructure.gl.at.ply.gg | United States | |

Registry

| Path | Value | Malicious |
|---|---|---|
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | 666999666 | malicious |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | checker | malicious |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363} | DeviceTicket | |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363} | DeviceId | |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363} | ApplicationFlags | |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property | 00180013B9570CBE | |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
|---|---|---|---|
| 2EF1000 | trusted library allocation | page read and write | malicious |
| 33CA000 | trusted library allocation | page read and write | malicious |
| 882000 | unkown | page readonly | malicious |
| 5B60000 | trusted library section | page read and write | malicious |
| 402000 | remote allocation | page execute and read and write | malicious |