Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Adware.005af3651.12124.22502.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Links\Aliexpress.ico (copy)
|
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel,
-128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Arche_Age.ico (copy)
|
Targa image data - Map 32 x 41776 x 1 +1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Atomic_Heart.ico (copy)
|
MS Windows icon resource - 11 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Battle_Teams.ico (copy)
|
MS Windows icon resource - 7 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24
with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Blood_and_Soul.ico (copy)
|
Targa image data - Map 32 x 56059 x 1 +1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Calibr.ico (copy)
|
MS Windows icon resource - 13 icons, 32x32, 16 colors, 4 bits/pixel, 16x16, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Crossout.ico (copy)
|
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Enlisted.ico (copy)
|
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\InstalledLinks.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Lost_Ark.ico (copy)
|
MS Windows icon resource - 6 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Offline_Items.ico (copy)
|
MS Windows icon resource - 9 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Perfect_World.ico (copy)
|
MS Windows icon resource - 12 icons, 32x32, 16 colors, 4 bits/pixel, 16x16, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Rail_Nation.ico (copy)
|
MS Windows icon resource - 6 icons, 256x256, 32 bits/pixel, -128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\SteamKeys.ico (copy)
|
MS Windows icon resource - 10 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\SteamKeys2.ico (copy)
|
MS Windows icon resource - 10 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\War_Thunder.ico (copy)
|
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel,
-128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\Warface.ico (copy)
|
MS Windows icon resource - 13 icons, 16x16, 16 colors, 4 bits/pixel, 32x32, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\World_Of_Tanks.ico (copy)
|
Targa image data - Map 32 x 39521 x 1 +1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\World_Of_Tanks_Ru.ico (copy)
|
MS Windows icon resource - 11 icons, 32x32, 16 colors, 4 bits/pixel, 16x16, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\World_Of_Warships.ico (copy)
|
MS Windows icon resource - 10 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\World_Of_Warships_Ru.ico (copy)
|
Targa image data - Map 32 x 65531 x 1 +1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-2UNQ6.tmp
|
MS Windows icon resource - 10 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-4030Q.tmp
|
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-4FOIB.tmp
|
MS Windows icon resource - 6 icons, 256x256, 32 bits/pixel, -128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-4R2DA.tmp
|
MS Windows icon resource - 13 icons, 16x16, 16 colors, 4 bits/pixel, 32x32, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-5S6OB.tmp
|
MS Windows icon resource - 9 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-8JGDF.tmp
|
Targa image data - Map 32 x 39521 x 1 +1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-9ATD6.tmp
|
MS Windows icon resource - 6 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-BN5AC.tmp
|
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-DKHB6.tmp
|
MS Windows icon resource - 12 icons, 32x32, 16 colors, 4 bits/pixel, 16x16, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-G0NRQ.tmp
|
Targa image data - Map 32 x 56059 x 1 +1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-HK1LU.tmp
|
MS Windows icon resource - 11 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-ITF4A.tmp
|
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel,
-128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-L837A.tmp
|
MS Windows icon resource - 7 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24
with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-MD8VJ.tmp
|
MS Windows icon resource - 10 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-MFFL2.tmp
|
Targa image data - Map 32 x 65531 x 1 +1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-PBPOA.tmp
|
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel,
-128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-RTAH9.tmp
|
MS Windows icon resource - 10 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-SCAA3.tmp
|
Targa image data - Map 32 x 41776 x 1 +1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-T9C2I.tmp
|
MS Windows icon resource - 11 icons, 32x32, 16 colors, 4 bits/pixel, 16x16, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Links\is-UL0IH.tmp
|
MS Windows icon resource - 13 icons, 32x32, 16 colors, 4 bits/pixel, 16x16, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-EHUNG.tmp\SecuriteInfo.com.Adware.005af3651.12124.22502.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-IH3VM.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\???????? ?????? Steam.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\???????? ??????? ???????.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Aliexpress.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\ArcheAge.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Atomic Heart.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Battle Teams.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Blood and Soul.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Caliber.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Crossout.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Enlisted.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Lost Ark.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Perfect World.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Rail Nation.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\War Thunder.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Warface.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\World of Tanks.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\World of Warships.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\???????? ?????? Steam.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\???????? ??????? ???????.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Aliexpress.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\ArcheAge.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Atomic Heart.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Battle Teams.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Blood and Soul.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Caliber.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Crossout.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Enlisted.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Lost Ark.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Perfect World.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Rail Nation.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\War Thunder.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Warface.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\World of Tanks.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\World of Warships.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600,
length=0, window=hide
|
dropped
|
There are 68 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Adware.005af3651.12124.22502.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Adware.005af3651.12124.22502.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\is-EHUNG.tmp\SecuriteInfo.com.Adware.005af3651.12124.22502.tmp
|
"C:\Users\user\AppData\Local\Temp\is-EHUNG.tmp\SecuriteInfo.com.Adware.005af3651.12124.22502.tmp" /SL5="$1044A,1938865,172032,C:\Users\user\Desktop\SecuriteInfo.com.Adware.005af3651.12124.22502.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://yagoaway.ru/gl/?cid=&oid=1140&v=6&utm_campaign=test&trash=
|
unknown
|
 |
|
|
https://yagoaway.ru/gl/?cid=&oid=1925&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=29150&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=911&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=27233&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=34283&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=6735&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=20935&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=19706&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=24766&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=3480053&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=dFjmQFjX&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=29103&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=833&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=NgRKk7SD&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=1115&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
https://yagoaway.ru/gl/?cid=&oid=171&v=6&utm_campaign=test&trash=
|
unknown
|
|
|
|
http://www.innosetup.com/
|
unknown
|
||
|
https://stvkr.com/click-
|
unknown
|
||
|
https://terra.im/gl/?cid=$
|
unknown
|
||
|
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
https://ipinfo.io/countryry
|
unknown
|
||
|
http://www.dk-soft.org/
|
unknown
|
||
|
https://ipinfo.io/country
|
34.117.186.192
|
||
|
https://terra.im/gl/?cid=&oid=$
|
unknown
|
||
|
https://yagoaway.ru/gl/?cid=&oid=$
|
unknown
|
||
|
http://www.remobjects.com/ps
|
unknown
|
||
|
https://yagoaway.ru/gl/?cid=&oid=1140&v=6&utm_campaign=testt
|
unknown
|
There are 18 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ipinfo.io
|
34.117.186.192
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.117.186.192
|
ipinfo.io
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D616C6965787072657373
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D626C6F6F642D616E642D736F756C
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D63616C696272
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D63726F73736F7574
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D656E6C6973746564
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D6C6F73742D61726B
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D6F66666C696E652D6974656D73
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D7261696C2D6E6174696F6E
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D737465616D2D6B6579735F7770
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D737465616D2D6B657973
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
737465616D2D6B657973
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D737465616D6B657973
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D737465616D6B65797332
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D7761722D7468756E646572
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D77617266616365
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D776F726C642D6F662D74616E6B73
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D776F726C642D6F662D74616E6B732D7275
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D776F726C642D6F662D7761727368697073
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D776F726C642D6F662D77617273686970732D7275
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D706572666563742D776F726C64
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D61726368652D616765
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D61746F6D69632D6865617274
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
|
6C696E6B2D626174746C652D7465616D73
|
There are 16 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
32A0000
|
remote allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
2205000
|
direct allocation
|
page read and write
|
||
|
236B000
|
direct allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
23FA000
|
direct allocation
|
page read and write
|
||
|
5EEF000
|
stack
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
3AD1000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
3B08000
|
direct allocation
|
page read and write
|
||
|
7BF000
|
stack
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
3AB2000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
33C1000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
22E6000
|
direct allocation
|
page read and write
|
||
|
2304000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
23E0000
|
direct allocation
|
page read and write
|
||
|
6C7000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
2213000
|
direct allocation
|
page read and write
|
||
|
64D000
|
heap
|
page read and write
|
||
|
221A000
|
direct allocation
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
6DD000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
22F4000
|
direct allocation
|
page read and write
|
||
|
64B000
|
heap
|
page read and write
|
||
|
672000
|
heap
|
page read and write
|
||
|
712000
|
heap
|
page read and write
|
||
|
31D0000
|
direct allocation
|
page read and write
|
||
|
22ED000
|
direct allocation
|
page read and write
|
||
|
22D0000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
231A000
|
direct allocation
|
page read and write
|
||
|
21BB000
|
direct allocation
|
page read and write
|
||
|
3AF9000
|
direct allocation
|
page read and write
|
||
|
2401000
|
direct allocation
|
page read and write
|
||
|
2408000
|
direct allocation
|
page read and write
|
||
|
2345000
|
direct allocation
|
page read and write
|
||
|
21AD000
|
direct allocation
|
page read and write
|
||
|
2291000
|
direct allocation
|
page read and write
|
||
|
2382000
|
direct allocation
|
page read and write
|
||
|
22C9000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
702000
|
heap
|
page read and write
|
||
|
659000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
5DEE000
|
stack
|
page read and write
|
||
|
23D6000
|
direct allocation
|
page read and write
|
||
|
232F000
|
direct allocation
|
page read and write
|
||
|
66B000
|
heap
|
page read and write
|
||
|
327E000
|
stack
|
page read and write
|
||
|
238D000
|
direct allocation
|
page read and write
|
||
|
50E000
|
unkown
|
page write copy
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
65C000
|
heap
|
page read and write
|
||
|
63A000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6D8000
|
heap
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
3AE3000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
25D0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
430000
|
unkown
|
page readonly
|
||
|
734000
|
heap
|
page read and write
|
||
|
2250000
|
direct allocation
|
page read and write
|
||
|
67D000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
2298000
|
direct allocation
|
page read and write
|
||
|
21DF000
|
direct allocation
|
page read and write
|
||
|
2186000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3A8C000
|
direct allocation
|
page read and write
|
||
|
228A000
|
direct allocation
|
page read and write
|
||
|
93000
|
stack
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
3ABF000
|
direct allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
8FF000
|
stack
|
page read and write
|
||
|
31EB000
|
direct allocation
|
page read and write
|
||
|
628000
|
heap
|
page read and write
|
||
|
219F000
|
direct allocation
|
page read and write
|
||
|
23C8000
|
direct allocation
|
page read and write
|
||
|
2503000
|
direct allocation
|
page read and write
|
||
|
65C000
|
heap
|
page read and write
|
||
|
23B2000
|
direct allocation
|
page read and write
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
708000
|
heap
|
page read and write
|
||
|
676000
|
heap
|
page read and write
|
||
|
225F000
|
direct allocation
|
page read and write
|
||
|
34C0000
|
direct allocation
|
page read and write
|
||
|
3980000
|
heap
|
page read and write
|
||
|
654000
|
heap
|
page read and write
|
||
|
21F5000
|
direct allocation
|
page read and write
|
||
|
237B000
|
direct allocation
|
page read and write
|
||
|
2241000
|
direct allocation
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
2274000
|
direct allocation
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
2374000
|
direct allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
387D000
|
stack
|
page read and write
|
||
|
25D0000
|
direct allocation
|
page read and write
|
||
|
230B000
|
direct allocation
|
page read and write
|
||
|
67F000
|
heap
|
page read and write
|
||
|
87E000
|
stack
|
page read and write
|
||
|
2328000
|
direct allocation
|
page read and write
|
||
|
663000
|
heap
|
page read and write
|
||
|
24FF000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page read and write
|
||
|
417000
|
unkown
|
page read and write
|
||
|
6CA000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
2313000
|
direct allocation
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
234C000
|
direct allocation
|
page read and write
|
||
|
52B000
|
unkown
|
page readonly
|
||
|
22DF000
|
direct allocation
|
page read and write
|
||
|
5CB0000
|
heap
|
page read and write
|
||
|
50E000
|
unkown
|
page read and write
|
||
|
2249000
|
direct allocation
|
page read and write
|
||
|
21FE000
|
direct allocation
|
page read and write
|
||
|
233E000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
665000
|
heap
|
page read and write
|
||
|
2395000
|
direct allocation
|
page read and write
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
227C000
|
direct allocation
|
page read and write
|
||
|
507000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
29D0000
|
trusted library allocation
|
page read and write
|
||
|
67D000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
21EE000
|
direct allocation
|
page read and write
|
||
|
6D4000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
6EA000
|
heap
|
page read and write
|
||
|
32A0000
|
remote allocation
|
page read and write
|
||
|
419000
|
unkown
|
page write copy
|
||
|
23F3000
|
direct allocation
|
page read and write
|
||
|
7FE3F000
|
direct allocation
|
page read and write
|
||
|
7FE3B000
|
direct allocation
|
page read and write
|
||
|
23E0000
|
direct allocation
|
page read and write
|
||
|
239C000
|
direct allocation
|
page read and write
|
||
|
32A0000
|
remote allocation
|
page read and write
|
||
|
70E000
|
heap
|
page read and write
|
||
|
2283000
|
direct allocation
|
page read and write
|
||
|
677000
|
heap
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
602F000
|
stack
|
page read and write
|
||
|
644000
|
heap
|
page read and write
|
||
|
2603000
|
heap
|
page read and write
|
||
|
6BF000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
5BAE000
|
stack
|
page read and write
|
||
|
21B4000
|
direct allocation
|
page read and write
|
||
|
21CA000
|
direct allocation
|
page read and write
|
||
|
32CE000
|
heap
|
page read and write
|
||
|
5F2E000
|
stack
|
page read and write
|
||
|
41C000
|
unkown
|
page readonly
|
||
|
18C000
|
stack
|
page read and write
|
||
|
23DD000
|
direct allocation
|
page read and write
|
||
|
6CC000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
6F2000
|
heap
|
page read and write
|
||
|
23B9000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
2337000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
23EC000
|
direct allocation
|
page read and write
|
||
|
641000
|
heap
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
31D0000
|
direct allocation
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
33C1000
|
heap
|
page read and write
|
||
|
708000
|
heap
|
page read and write
|
||
|
503000
|
unkown
|
page read and write
|
||
|
50B000
|
unkown
|
page read and write
|
||
|
4CE000
|
stack
|
page read and write
|
||
|
3ACA000
|
direct allocation
|
page read and write
|
||
|
6E6000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
21D1000
|
direct allocation
|
page read and write
|
||
|
35DD000
|
direct allocation
|
page read and write
|
||
|
682000
|
heap
|
page read and write
|
||
|
3AEC000
|
direct allocation
|
page read and write
|
||
|
658000
|
heap
|
page read and write
|
||
|
6C8000
|
heap
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
23AB000
|
direct allocation
|
page read and write
|
||
|
42C000
|
unkown
|
page readonly
|
||
|
2266000
|
direct allocation
|
page read and write
|
||
|
9BF000
|
stack
|
page read and write
|
||
|
31F0000
|
direct allocation
|
page read and write
|
||
|
397D000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
71B000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
22B0000
|
direct allocation
|
page execute and read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
7FD20000
|
direct allocation
|
page read and write
|
||
|
21A6000
|
direct allocation
|
page read and write
|
||
|
6BD000
|
heap
|
page read and write
|
||
|
21D8000
|
direct allocation
|
page read and write
|
||
|
5CAF000
|
stack
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
652000
|
heap
|
page read and write
|
||
|
6EE000
|
heap
|
page read and write
|
||
|
21C3000
|
direct allocation
|
page read and write
|
||
|
23E4000
|
direct allocation
|
page read and write
|
||
|
21E7000
|
direct allocation
|
page read and write
|
||
|
676000
|
heap
|
page read and write
|
||
|
226D000
|
direct allocation
|
page read and write
|
||
|
514000
|
unkown
|
page readonly
|
||
|
22FD000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
693000
|
heap
|
page read and write
|
||
|
222D000
|
direct allocation
|
page read and write
|
||
|
220C000
|
direct allocation
|
page read and write
|
||
|
503000
|
unkown
|
page write copy
|
||
|
23CF000
|
direct allocation
|
page read and write
|
||
|
734000
|
heap
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
There are 248 hidden memdumps, click here to show them.