Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Downloads\66e6ea133c92f_crypted.exe (copy)
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
 |
|
|
C:\Users\user\Downloads\Unconfirmed 929433.crdownload
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
Chrome Cache Entry: 62
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\66e6ea133c92f_crypted.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:49:52 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:49:52 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:56:51 2023, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:49:52 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:49:52 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 7 21:49:52 2024, atime=Wed Sep 27 08:36:55
2023, length=1210144, window=hide
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Downloads\66e6ea133c92f_crypted.exe
|
"C:\Users\user\Downloads\66e6ea133c92f_crypted.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2264 --field-trial-handle=2112,i,2653958895561753599,15018511285306853254,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://hans.uniformeslaamistad.com/yuop/66e6ea133c92f_crypted.exe#xin"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US
--service-sandbox-type=icon_reader --mojo-platform-channel-handle=5556 --field-trial-handle=2112,i,2653958895561753599,15018511285306853254,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://hans.uniformeslaamistad.com/yuop/66e6ea133c92f_crypted.exe#xin
|
|
||
|
http://hans.uniformeslaamistad.com/yuop/66e6ea133c92f_crypted.exe
|
147.45.44.104
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0036.t-0009.t-msedge.net
|
13.107.246.64
|
||
|
www.google.com
|
142.250.185.164
|
||
|
hans.uniformeslaamistad.com
|
147.45.44.104
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.164
|
www.google.com
|
United States
|
||
|
147.45.44.104
|
hans.uniformeslaamistad.com
|
Russian Federation
|
||
|
192.168.2.9
|
unknown
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
4105000
|
trusted library allocation
|
page read and write
|
|
|
|
33DD000
|
trusted library allocation
|
page read and write
|
||
|
3317000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
trusted library allocation
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
33B3000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
11C8000
|
heap
|
page read and write
|
||
|
3140000
|
trusted library allocation
|
page execute and read and write
|
||
|
335E000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
332A000
|
trusted library allocation
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
338A000
|
trusted library allocation
|
page read and write
|
||
|
30EE000
|
stack
|
page read and write
|
||
|
33DF000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
heap
|
page execute and read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
75DE000
|
stack
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page read and write
|
||
|
5681000
|
trusted library allocation
|
page read and write
|
||
|
56C5000
|
trusted library allocation
|
page read and write
|
||
|
33CA000
|
trusted library allocation
|
page read and write
|
||
|
33AB000
|
trusted library allocation
|
page read and write
|
||
|
7982000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
1414000
|
trusted library allocation
|
page read and write
|
||
|
5B52000
|
heap
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
3337000
|
trusted library allocation
|
page read and write
|
||
|
3377000
|
trusted library allocation
|
page read and write
|
||
|
103C000
|
stack
|
page read and write
|
||
|
568D000
|
trusted library allocation
|
page read and write
|
||
|
589B000
|
stack
|
page read and write
|
||
|
113A000
|
stack
|
page read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
3388000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
33F2000
|
trusted library allocation
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
2F76000
|
trusted library allocation
|
page execute and read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
33CD000
|
trusted library allocation
|
page read and write
|
||
|
D88000
|
unkown
|
page readonly
|
||
|
3103000
|
trusted library allocation
|
page read and write
|
||
|
33DB000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
trusted library allocation
|
page read and write
|
||
|
566E000
|
trusted library allocation
|
page read and write
|
||
|
567E000
|
trusted library allocation
|
page read and write
|
||
|
32B1000
|
trusted library allocation
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
3181000
|
trusted library allocation
|
page read and write
|
||
|
3375000
|
trusted library allocation
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
330D000
|
trusted library allocation
|
page read and write
|
||
|
7D9E000
|
stack
|
page read and write
|
||
|
73BF000
|
heap
|
page read and write
|
||
|
5740000
|
trusted library allocation
|
page execute and read and write
|
||
|
3394000
|
trusted library allocation
|
page read and write
|
||
|
11F5000
|
heap
|
page read and write
|
||
|
1203000
|
heap
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
5813000
|
heap
|
page read and write
|
||
|
334B000
|
trusted library allocation
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
33A5000
|
trusted library allocation
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
330F000
|
trusted library allocation
|
page read and write
|
||
|
2EF0000
|
heap
|
page execute and read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
5692000
|
trusted library allocation
|
page read and write
|
||
|
14A2000
|
heap
|
page read and write
|
||
|
58A0000
|
trusted library section
|
page readonly
|
||
|
3101000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F72000
|
trusted library allocation
|
page read and write
|
||
|
11E8000
|
heap
|
page read and write
|
||
|
3311000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page read and write
|
||
|
74DE000
|
stack
|
page read and write
|
||
|
338E000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
5B1D000
|
stack
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page read and write
|
||
|
323C000
|
trusted library allocation
|
page read and write
|
||
|
33C2000
|
trusted library allocation
|
page read and write
|
||
|
D32000
|
unkown
|
page readonly
|
||
|
33B1000
|
trusted library allocation
|
page read and write
|
||
|
33F4000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
332E000
|
trusted library allocation
|
page read and write
|
||
|
2E3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
330B000
|
trusted library allocation
|
page read and write
|
||
|
1723000
|
trusted library allocation
|
page execute and read and write
|
||
|
1491000
|
heap
|
page read and write
|
||
|
14AE000
|
heap
|
page read and write
|
||
|
531C000
|
stack
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
trusted library allocation
|
page read and write
|
||
|
33AD000
|
trusted library allocation
|
page read and write
|
||
|
33AF000
|
trusted library allocation
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
56A4000
|
trusted library allocation
|
page read and write
|
||
|
58D0000
|
heap
|
page read and write
|
||
|
4181000
|
trusted library allocation
|
page read and write
|
||
|
58B0000
|
heap
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
73E5000
|
heap
|
page read and write
|
||
|
5920000
|
heap
|
page execute and read and write
|
||
|
5730000
|
heap
|
page read and write
|
||
|
D30000
|
unkown
|
page readonly
|
||
|
73B5000
|
heap
|
page read and write
|
||
|
2F87000
|
trusted library allocation
|
page execute and read and write
|
||
|
761E000
|
stack
|
page read and write
|
||
|
56BF000
|
trusted library allocation
|
page read and write
|
||
|
7E9E000
|
stack
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11ED000
|
heap
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page execute and read and write
|
||
|
33C4000
|
trusted library allocation
|
page read and write
|
||
|
13F3000
|
heap
|
page read and write
|
||
|
33F6000
|
trusted library allocation
|
page read and write
|
||
|
11CE000
|
heap
|
page read and write
|
||
|
14B8000
|
heap
|
page read and write
|
||
|
3373000
|
trusted library allocation
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
1737000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
58B5000
|
heap
|
page read and write
|
||
|
2F6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
2FBE000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
3315000
|
trusted library allocation
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
2FE5000
|
trusted library allocation
|
page read and write
|
||
|
338C000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
2F82000
|
trusted library allocation
|
page read and write
|
||
|
13CB000
|
heap
|
page read and write
|
||
|
1413000
|
trusted library allocation
|
page execute and read and write
|
||
|
3332000
|
trusted library allocation
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
32E3000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
5B55000
|
heap
|
page read and write
|
||
|
340F000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3349000
|
trusted library allocation
|
page read and write
|
||
|
3303000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
3362000
|
trusted library allocation
|
page read and write
|
||
|
33E3000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
332C000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page execute and read and write
|
||
|
3364000
|
trusted library allocation
|
page read and write
|
||
|
33E5000
|
trusted library allocation
|
page read and write
|
||
|
33E1000
|
trusted library allocation
|
page read and write
|
||
|
2E37000
|
trusted library allocation
|
page execute and read and write
|
||
|
3217000
|
trusted library allocation
|
page read and write
|
||
|
2F63000
|
trusted library allocation
|
page read and write
|
||
|
FD5000
|
heap
|
page read and write
|
||
|
73AD000
|
heap
|
page read and write
|
||
|
785E000
|
stack
|
page read and write
|
||
|
3328000
|
trusted library allocation
|
page read and write
|
||
|
456000
|
remote allocation
|
page execute and read and write
|
||
|
F39000
|
stack
|
page read and write
|
||
|
3313000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
2EDD000
|
stack
|
page read and write
|
||
|
334D000
|
trusted library allocation
|
page read and write
|
||
|
51FD000
|
stack
|
page read and write
|
||
|
324C000
|
trusted library allocation
|
page read and write
|
||
|
153F000
|
stack
|
page read and write
|
||
|
33F8000
|
trusted library allocation
|
page read and write
|
||
|
3347000
|
trusted library allocation
|
page read and write
|
||
|
140F000
|
heap
|
page read and write
|
||
|
73C3000
|
heap
|
page read and write
|
||
|
4101000
|
trusted library allocation
|
page read and write
|
||
|
73D1000
|
heap
|
page read and write
|
||
|
3367000
|
trusted library allocation
|
page read and write
|
||
|
335A000
|
trusted library allocation
|
page read and write
|
||
|
146B000
|
heap
|
page read and write
|
||
|
3397000
|
trusted library allocation
|
page read and write
|
||
|
5664000
|
trusted library allocation
|
page read and write
|
||
|
32EB000
|
trusted library allocation
|
page read and write
|
||
|
33A7000
|
trusted library allocation
|
page read and write
|
||
|
172D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1453000
|
heap
|
page read and write
|
||
|
1720000
|
trusted library allocation
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
32EF000
|
trusted library allocation
|
page read and write
|
||
|
145B000
|
heap
|
page read and write
|
||
|
3384000
|
trusted library allocation
|
page read and write
|
||
|
3309000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
775E000
|
stack
|
page read and write
|
||
|
3324000
|
trusted library allocation
|
page read and write
|
||
|
3392000
|
trusted library allocation
|
page read and write
|
||
|
73CA000
|
heap
|
page read and write
|
||
|
13FF000
|
heap
|
page read and write
|
||
|
30FF000
|
stack
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
14A6000
|
heap
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
5CA0000
|
heap
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
5686000
|
trusted library allocation
|
page read and write
|
||
|
3295000
|
trusted library allocation
|
page read and write
|
||
|
73A0000
|
heap
|
page read and write
|
||
|
2F7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
5546000
|
trusted library allocation
|
page read and write
|
||
|
14AA000
|
heap
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
2F8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
313B000
|
stack
|
page read and write
|
||
|
566B000
|
trusted library allocation
|
page read and write
|
||
|
73DA000
|
heap
|
page read and write
|
||
|
1424000
|
trusted library allocation
|
page read and write
|
||
|
1724000
|
trusted library allocation
|
page read and write
|
||
|
3414000
|
trusted library allocation
|
page read and write
|
There are 231 hidden memdumps, click here to show them.