Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.Application.Agent.XLWBSF.10950.31692.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\is-M9OFA.tmp\SecuriteInfo.com.Win32.Application.Agent.XLWBSF.10950.31692.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-VAP6D.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.Application.Agent.XLWBSF.10950.31692.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.Application.Agent.XLWBSF.10950.31692.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\is-M9OFA.tmp\SecuriteInfo.com.Win32.Application.Agent.XLWBSF.10950.31692.tmp
|
"C:\Users\user\AppData\Local\Temp\is-M9OFA.tmp\SecuriteInfo.com.Win32.Application.Agent.XLWBSF.10950.31692.tmp" /SL5="$2043C,4689659,161280,C:\Users\user\Desktop\SecuriteInfo.com.Win32.Application.Agent.XLWBSF.10950.31692.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.dk-soft.org/p
|
unknown
|
||
|
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
http://fontawesome.io
|
unknown
|
||
|
http://fontawesome.io/license/
|
unknown
|
||
|
http://fontawesome.iohttp://fontawesome.iohttp://fontawesome.io/license/http://fontawesome.io/licens
|
unknown
|
||
|
https://www.remobjects.com/ps
|
unknown
|
||
|
https://www.innosetup.com/
|
unknown
|
||
|
http://www.dk-soft.org/
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8F4000
|
heap
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
254B000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
2168000
|
direct allocation
|
page read and write
|
||
|
21DC000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
2520000
|
direct allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
7D6000
|
unkown
|
page readonly
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
A8E000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
25D2000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
2EDA000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
252E000
|
direct allocation
|
page read and write
|
||
|
6014000
|
direct allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
6071000
|
direct allocation
|
page read and write
|
||
|
222D000
|
direct allocation
|
page read and write
|
||
|
223C000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
219A000
|
direct allocation
|
page read and write
|
||
|
41B000
|
unkown
|
page read and write
|
||
|
422E000
|
stack
|
page read and write
|
||
|
2EDA000
|
heap
|
page read and write
|
||
|
21F1000
|
direct allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
422000
|
unkown
|
page write copy
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
420000
|
unkown
|
page read and write
|
||
|
2234000
|
direct allocation
|
page read and write
|
||
|
218C000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
426000
|
unkown
|
page readonly
|
||
|
436E000
|
stack
|
page read and write
|
||
|
21B8000
|
direct allocation
|
page read and write
|
||
|
432F000
|
stack
|
page read and write
|
||
|
364A000
|
trusted library allocation
|
page read and write
|
||
|
2209000
|
direct allocation
|
page read and write
|
||
|
262A000
|
direct allocation
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
601D000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
5B1000
|
unkown
|
page execute read
|
||
|
221F000
|
direct allocation
|
page read and write
|
||
|
7FA50000
|
direct allocation
|
page read and write
|
||
|
42F000
|
unkown
|
page readonly
|
||
|
21A1000
|
direct allocation
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
7D2000
|
unkown
|
page read and write
|
||
|
2623000
|
direct allocation
|
page read and write
|
||
|
21B1000
|
direct allocation
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
2210000
|
direct allocation
|
page read and write
|
||
|
260D000
|
direct allocation
|
page execute and read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
3635000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
2258000
|
direct allocation
|
page read and write
|
||
|
23A0000
|
direct allocation
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
2568000
|
direct allocation
|
page read and write
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
6045000
|
direct allocation
|
page read and write
|
||
|
2543000
|
direct allocation
|
page read and write
|
||
|
2EDA000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2EDA000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
6027000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
2527000
|
direct allocation
|
page read and write
|
||
|
606A000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
A8D000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
2511000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
2DAC000
|
stack
|
page read and write
|
||
|
7B2000
|
unkown
|
page read and write
|
||
|
3520000
|
heap
|
page read and write
|
||
|
7B7000
|
unkown
|
page read and write
|
||
|
3F30000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
2176000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
224A000
|
direct allocation
|
page read and write
|
||
|
2577000
|
direct allocation
|
page read and write
|
||
|
7D3000
|
unkown
|
page readonly
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
3F30000
|
direct allocation
|
page read and write
|
||
|
2161000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
7CC000
|
unkown
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
2EC7000
|
heap
|
page read and write
|
||
|
3620000
|
trusted library allocation
|
page read and write
|
||
|
2606000
|
direct allocation
|
page read and write
|
||
|
3F40000
|
direct allocation
|
page read and write
|
||
|
7CE000
|
unkown
|
page write copy
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
A83000
|
heap
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
2500000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
604C000
|
direct allocation
|
page read and write
|
||
|
2EC2000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
2631000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
21D5000
|
direct allocation
|
page read and write
|
||
|
25A4000
|
direct allocation
|
page read and write
|
||
|
6063000
|
direct allocation
|
page read and write
|
||
|
3F40000
|
direct allocation
|
page read and write
|
||
|
2535000
|
direct allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
2518000
|
direct allocation
|
page read and write
|
||
|
25B6000
|
direct allocation
|
page read and write
|
||
|
584F000
|
stack
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
2243000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
2EC7000
|
heap
|
page read and write
|
||
|
21F8000
|
direct allocation
|
page read and write
|
||
|
215A000
|
direct allocation
|
page read and write
|
||
|
217D000
|
direct allocation
|
page read and write
|
||
|
638000
|
heap
|
page read and write
|
||
|
93000
|
stack
|
page read and write
|
||
|
25DA000
|
direct allocation
|
page read and write
|
||
|
27F3000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
216F000
|
direct allocation
|
page read and write
|
||
|
2595000
|
direct allocation
|
page read and write
|
||
|
30D2000
|
trusted library allocation
|
page read and write
|
||
|
25AD000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
25B4000
|
direct allocation
|
page execute and read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
258A000
|
direct allocation
|
page read and write
|
||
|
A96000
|
heap
|
page read and write
|
||
|
250A000
|
direct allocation
|
page read and write
|
||
|
2EDA000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
2141000
|
direct allocation
|
page read and write
|
||
|
25CB000
|
direct allocation
|
page read and write
|
||
|
2251000
|
direct allocation
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
6037000
|
direct allocation
|
page read and write
|
||
|
2185000
|
direct allocation
|
page read and write
|
||
|
2614000
|
direct allocation
|
page read and write
|
||
|
7A6000
|
unkown
|
page write copy
|
||
|
257F000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
25F8000
|
direct allocation
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
259D000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
7AD000
|
unkown
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
253C000
|
direct allocation
|
page read and write
|
||
|
261C000
|
direct allocation
|
page read and write
|
||
|
2570000
|
direct allocation
|
page read and write
|
||
|
21C7000
|
direct allocation
|
page read and write
|
||
|
3620000
|
trusted library allocation
|
page read and write
|
||
|
2558000
|
direct allocation
|
page read and write
|
||
|
2193000
|
direct allocation
|
page read and write
|
||
|
3521000
|
heap
|
page read and write
|
||
|
21C0000
|
direct allocation
|
page read and write
|
||
|
2EC8000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
A00000
|
direct allocation
|
page execute and read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
21EA000
|
direct allocation
|
page read and write
|
||
|
64B000
|
heap
|
page read and write
|
||
|
21CE000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
41B000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
23A0000
|
direct allocation
|
page read and write
|
||
|
21A9000
|
direct allocation
|
page read and write
|
||
|
2638000
|
direct allocation
|
page read and write
|
||
|
25BC000
|
direct allocation
|
page read and write
|
||
|
2226000
|
direct allocation
|
page read and write
|
||
|
2201000
|
direct allocation
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page readonly
|
There are 232 hidden memdumps, click here to show them.