Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.CrypterX-gen.13380.29830.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.CrypterX-gen.13380.29830.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_2eb6d214a432b8d55a6462a97f540e151133ce4_9d9eda31_62f5daf5-5cb9-4d59-90ac-c69c7a9e79a6\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA548.tmp.dmp
|
Mini DuMP crash report, 14 streams, Thu Aug 29 18:34:06 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA598.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA5B8.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.13380.29830.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.13380.29830.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.13380.29830.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.CrypterX-gen.13380.29830.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 6544 -s 240
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsdSAll
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
ProgramId
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
FileId
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
LongPathHash
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
Name
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
OriginalFileName
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
Publisher
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
Version
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
BinFileVersion
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
BinaryType
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
ProductName
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
ProductVersion
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
LinkDate
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
BinProductVersion
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
Size
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
Language
|
||
|
\REGISTRY\A\{6830bf72-a8ff-268c-2f30-768622cc0cbd}\Root\InventoryApplicationFile\securiteinfo.com|56bff4ed0c24ca0f
|
Usn
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
5616000
|
trusted library allocation
|
page read and write
|
||
|
12EE000
|
heap
|
page read and write
|
||
|
BDC000
|
stack
|
page read and write
|
||
|
2F49000
|
direct allocation
|
page execute and read and write
|
||
|
A50E000
|
stack
|
page read and write
|
||
|
450000
|
remote allocation
|
page execute and read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
E42000
|
unkown
|
page readonly
|
||
|
1358000
|
heap
|
page read and write
|
||
|
2EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
12EB000
|
heap
|
page read and write
|
||
|
A54E000
|
stack
|
page read and write
|
||
|
7D5E000
|
stack
|
page read and write
|
||
|
55F4000
|
trusted library allocation
|
page read and write
|
||
|
56D0000
|
heap
|
page read and write
|
||
|
724E000
|
heap
|
page read and write
|
||
|
A40E000
|
stack
|
page read and write
|
||
|
4119000
|
trusted library allocation
|
page read and write
|
||
|
7E5F000
|
stack
|
page read and write
|
||
|
A68E000
|
stack
|
page read and write
|
||
|
5815000
|
heap
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
5622000
|
trusted library allocation
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
2EFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
30F5000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page execute and read and write
|
||
|
57A0000
|
trusted library section
|
page readonly
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
30F0000
|
trusted library allocation
|
page read and write
|
||
|
3168000
|
direct allocation
|
page execute and read and write
|
||
|
ADC000
|
stack
|
page read and write
|
||
|
2EF2000
|
trusted library allocation
|
page read and write
|
||
|
2EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EE2000
|
trusted library allocation
|
page read and write
|
||
|
52AC000
|
stack
|
page read and write
|
||
|
5118000
|
trusted library allocation
|
page read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
2EF7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F60000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
heap
|
page read and write
|
||
|
2EDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A50000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
EDA000
|
stack
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
7942000
|
trusted library allocation
|
page read and write
|
||
|
2FBE000
|
direct allocation
|
page execute and read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
5611000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
13D9000
|
heap
|
page read and write
|
||
|
30E6000
|
direct allocation
|
page execute and read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
3187000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
3185000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
2E20000
|
direct allocation
|
page execute and read and write
|
||
|
4111000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
2ED3000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
30D1000
|
direct allocation
|
page execute and read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
5A60000
|
heap
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
170F000
|
stack
|
page read and write
|
||
|
55FB000
|
trusted library allocation
|
page read and write
|
||
|
73E0000
|
trusted library allocation
|
page read and write
|
||
|
15CF000
|
stack
|
page read and write
|
||
|
56D3000
|
heap
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
7E6C000
|
heap
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
73EB000
|
trusted library allocation
|
page read and write
|
||
|
3111000
|
trusted library allocation
|
page read and write
|
||
|
12B7000
|
heap
|
page read and write
|
||
|
7240000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page execute and read and write
|
||
|
7E60000
|
heap
|
page read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
5A4E000
|
stack
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
1399000
|
heap
|
page read and write
|
||
|
5C81000
|
trusted library allocation
|
page read and write
|
||
|
3178000
|
trusted library allocation
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
2ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
560E000
|
trusted library allocation
|
page read and write
|
||
|
30ED000
|
direct allocation
|
page execute and read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
FD7000
|
stack
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
2F4D000
|
direct allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
774D000
|
stack
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
561D000
|
trusted library allocation
|
page read and write
|
||
|
5C60000
|
trusted library section
|
page read and write
|
||
|
2EEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
D80000
|
unkown
|
page readonly
|
||
|
5850000
|
heap
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page execute and read and write
|
||
|
57FC000
|
stack
|
page read and write
|
||
|
73F0000
|
trusted library allocation
|
page read and write
|
||
|
779E000
|
stack
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1322000
|
heap
|
page read and write
|
||
|
A64F000
|
stack
|
page read and write
|
||
|
309B000
|
stack
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
5670000
|
heap
|
page execute and read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
7340000
|
trusted library section
|
page read and write
|
||
|
2EC4000
|
trusted library allocation
|
page read and write
|
||
|
E8B000
|
heap
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
160E000
|
stack
|
page read and write
|
||
|
D82000
|
unkown
|
page readonly
|
||
|
A78F000
|
stack
|
page read and write
|
There are 129 hidden memdumps, click here to show them.