Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.MalwareX-gen.22831.8874.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.MalwareX-gen.22831.8874.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_75c135f0ce3e17d6c1c9aa3903950babf53c231_09455e22_9ba49d06-01e8-48e0-9636-122ea563deab\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5381.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Oct 29 17:26:12 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER53C1.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER53F1.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.22831.8874.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.22831.8874.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.22831.8874.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.MalwareX-gen.22831.8874.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 5968 -s 196
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
ProgramId
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
FileId
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
LongPathHash
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
Name
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
OriginalFileName
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
Publisher
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
Version
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
BinFileVersion
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
BinaryType
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
ProductName
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
ProductVersion
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
LinkDate
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
BinProductVersion
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
Size
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
Language
|
||
|
\REGISTRY\A\{3c1e4f8c-1429-6ec2-a180-638215a10b65}\Root\InventoryApplicationFile\securiteinfo.com|50cdd9342a24526d
|
Usn
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
BE0000
|
heap
|
page read and write
|
||
|
3DE8000
|
trusted library allocation
|
page read and write
|
||
|
68CE000
|
stack
|
page read and write
|
||
|
1309000
|
direct allocation
|
page execute and read and write
|
||
|
49F6000
|
trusted library allocation
|
page read and write
|
||
|
7510000
|
trusted library section
|
page read and write
|
||
|
B4A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BEF000
|
stack
|
page read and write
|
||
|
49EE000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
24C8000
|
trusted library allocation
|
page read and write
|
||
|
14A6000
|
direct allocation
|
page execute and read and write
|
||
|
1A2000
|
unkown
|
page readonly
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
23AC000
|
stack
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
B23000
|
trusted library allocation
|
page execute and read and write
|
||
|
767000
|
heap
|
page read and write
|
||
|
6C7F000
|
trusted library allocation
|
page read and write
|
||
|
4AD0000
|
trusted library allocation
|
page read and write
|
||
|
74E000
|
heap
|
page read and write
|
||
|
49D4000
|
trusted library allocation
|
page read and write
|
||
|
4C65000
|
heap
|
page read and write
|
||
|
6C6D000
|
stack
|
page read and write
|
||
|
B46000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8C000
|
stack
|
page read and write
|
||
|
7F630000
|
trusted library allocation
|
page execute and read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
49DB000
|
trusted library allocation
|
page read and write
|
||
|
4A35000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
468C000
|
stack
|
page read and write
|
||
|
3E29000
|
trusted library allocation
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
690C000
|
heap
|
page read and write
|
||
|
49F1000
|
trusted library allocation
|
page read and write
|
||
|
266000
|
unkown
|
page readonly
|
||
|
2570000
|
trusted library allocation
|
page read and write
|
||
|
4AE0000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
trusted library section
|
page readonly
|
||
|
2560000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
1491000
|
direct allocation
|
page execute and read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
4B20000
|
heap
|
page read and write
|
||
|
6C70000
|
trusted library allocation
|
page read and write
|
||
|
B3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3599000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
2320000
|
trusted library allocation
|
page read and write
|
||
|
6AEE000
|
stack
|
page read and write
|
||
|
4F3D000
|
stack
|
page read and write
|
||
|
50C0000
|
trusted library section
|
page read and write
|
||
|
76DE000
|
stack
|
page read and write
|
||
|
68E0000
|
trusted library allocation
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page read and write
|
||
|
4AD2000
|
trusted library allocation
|
page read and write
|
||
|
4C0B000
|
stack
|
page read and write
|
||
|
6690000
|
heap
|
page read and write
|
||
|
3F7000
|
stack
|
page read and write
|
||
|
49FD000
|
trusted library allocation
|
page read and write
|
||
|
B52000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
direct allocation
|
page execute and read and write
|
||
|
B24000
|
trusted library allocation
|
page read and write
|
||
|
67CE000
|
stack
|
page read and write
|
||
|
6942000
|
heap
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FA000
|
stack
|
page read and write
|
||
|
B5B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C30000
|
heap
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
B57000
|
trusted library allocation
|
page execute and read and write
|
||
|
75DD000
|
stack
|
page read and write
|
||
|
73AF000
|
stack
|
page read and write
|
||
|
4AB0000
|
heap
|
page read and write
|
||
|
4B00000
|
trusted library allocation
|
page read and write
|
||
|
6C2D000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
6D92000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
6904000
|
heap
|
page read and write
|
||
|
24BE000
|
stack
|
page read and write
|
||
|
2591000
|
trusted library allocation
|
page read and write
|
||
|
25AB000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
4F50000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
B19D000
|
stack
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
B2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
B10000
|
trusted library allocation
|
page read and write
|
||
|
B42000
|
trusted library allocation
|
page read and write
|
||
|
4B23000
|
heap
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
4A80000
|
heap
|
page execute and read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
B8C000
|
stack
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
728E000
|
stack
|
page read and write
|
||
|
130D000
|
direct allocation
|
page execute and read and write
|
||
|
14AD000
|
direct allocation
|
page execute and read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
B77000
|
heap
|
page read and write
|
||
|
AFA0000
|
heap
|
page read and write
|
||
|
137E000
|
direct allocation
|
page execute and read and write
|
||
|
35DA000
|
trusted library allocation
|
page read and write
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
68F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2728000
|
trusted library allocation
|
page read and write
|
||
|
3591000
|
trusted library allocation
|
page read and write
|
||
|
724E000
|
stack
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
4A40000
|
trusted library allocation
|
page read and write
|
||
|
2580000
|
heap
|
page execute and read and write
|
||
|
72A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CA0000
|
heap
|
page read and write
|
||
|
781000
|
heap
|
page read and write
|
||
|
1528000
|
direct allocation
|
page execute and read and write
|
||
|
B29D000
|
stack
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
4AC0000
|
trusted library allocation
|
page execute and read and write
|
There are 123 hidden memdumps, click here to show them.