Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win64.PWSX-gen.24850.22028.exe
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryAWSFNvLGNr
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 4
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryncVxcrHRZz
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, cookie 0x20, schema 4,
UTF-8, version-valid-for 4
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DatapomdOhjfeW
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesyonHaWuppH
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataFIHJDMqXHm
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DatamiROCwylnO
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistorymUUcKURTZn
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4,
UTF-8, version-valid-for 2
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryqCoKrzsSGr
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4,
UTF-8, version-valid-for 2
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataifXQjhqTfO
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web DataIKRjbKbxrb
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web DatavztLIyuiBn
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\Desktop\autofill.json
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\cards.json
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\cookies.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\Desktop\discord.json
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\downloads.json
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\history.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\Desktop\passwords.json
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\screenshot.png
|
PNG image data, 1280 x 1024, 8-bit/color RGB, non-interlaced
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win64.PWSX-gen.24850.22028.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win64.PWSX-gen.24850.22028.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17C:
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
There are 5 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF7D6028000
|
unkown
|
page readonly
|
|
|
|
7FF7D6028000
|
unkown
|
page readonly
|
|
|
|
C00018A000
|
direct allocation
|
page read and write
|
||
|
24B63920000
|
direct allocation
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
C000088000
|
direct allocation
|
page read and write
|
||
|
24B5E2D5000
|
heap
|
page read and write
|
||
|
C0000CE000
|
direct allocation
|
page read and write
|
||
|
C0000B2000
|
direct allocation
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
C0000C4000
|
direct allocation
|
page read and write
|
||
|
24B5E2FE000
|
heap
|
page read and write
|
||
|
24B5E2E8000
|
heap
|
page read and write
|
||
|
C000092000
|
direct allocation
|
page read and write
|
||
|
C0001B1000
|
direct allocation
|
page read and write
|
||
|
24B5E2D5000
|
heap
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
C000028000
|
direct allocation
|
page read and write
|
||
|
C000049000
|
direct allocation
|
page read and write
|
||
|
24B5E2B3000
|
heap
|
page read and write
|
||
|
7FF7D5FE8000
|
unkown
|
page write copy
|
||
|
7FF7D635D000
|
unkown
|
page read and write
|
||
|
619F3FE000
|
stack
|
page read and write
|
||
|
C000108000
|
direct allocation
|
page read and write
|
||
|
619FBFE000
|
stack
|
page read and write
|
||
|
24B5E2FF000
|
heap
|
page read and write
|
||
|
C000036000
|
direct allocation
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
7FF7D63D8000
|
unkown
|
page readonly
|
||
|
24B5E2B7000
|
heap
|
page read and write
|
||
|
7FF7D5FE7000
|
unkown
|
page read and write
|
||
|
7FF7D63D4000
|
unkown
|
page read and write
|
||
|
7FF7D6016000
|
unkown
|
page read and write
|
||
|
C000114000
|
direct allocation
|
page read and write
|
||
|
7FF7D63D8000
|
unkown
|
page readonly
|
||
|
C000010000
|
direct allocation
|
page read and write
|
||
|
C00000E000
|
direct allocation
|
page read and write
|
||
|
24B5E2E7000
|
heap
|
page read and write
|
||
|
C000064000
|
direct allocation
|
page read and write
|
||
|
C000FAC000
|
direct allocation
|
page read and write
|
||
|
C00012E000
|
direct allocation
|
page read and write
|
||
|
24B5E2EB000
|
heap
|
page read and write
|
||
|
24B5E2BE000
|
heap
|
page read and write
|
||
|
C00000A000
|
direct allocation
|
page read and write
|
||
|
24B5E28E000
|
heap
|
page read and write
|
||
|
24B5E2E3000
|
heap
|
page read and write
|
||
|
24B5E450000
|
heap
|
page read and write
|
||
|
7FF7D63D4000
|
unkown
|
page write copy
|
||
|
24B5E480000
|
direct allocation
|
page read and write
|
||
|
24B5E304000
|
heap
|
page read and write
|
||
|
24B5E2C6000
|
heap
|
page read and write
|
||
|
C000086000
|
direct allocation
|
page read and write
|
||
|
24B5E2D5000
|
heap
|
page read and write
|
||
|
7FF7D601F000
|
unkown
|
page read and write
|
||
|
24B5E2DB000
|
heap
|
page read and write
|
||
|
7FF7D5BD0000
|
unkown
|
page readonly
|
||
|
619F9FF000
|
stack
|
page read and write
|
||
|
C0000C0000
|
direct allocation
|
page read and write
|
||
|
7FF7D5FE4000
|
unkown
|
page write copy
|
||
|
24B5E2DA000
|
heap
|
page read and write
|
||
|
619EFFC000
|
stack
|
page read and write
|
||
|
C0002A0000
|
direct allocation
|
page read and write
|
||
|
C0001EA000
|
direct allocation
|
page read and write
|
||
|
C000120000
|
direct allocation
|
page read and write
|
||
|
24B5E2AF000
|
heap
|
page read and write
|
||
|
C00003D000
|
direct allocation
|
page read and write
|
||
|
C0000B4000
|
direct allocation
|
page read and write
|
||
|
24B5E2F7000
|
heap
|
page read and write
|
||
|
C0000D0000
|
direct allocation
|
page read and write
|
||
|
C000175000
|
direct allocation
|
page read and write
|
||
|
24B5E2DD000
|
heap
|
page read and write
|
||
|
C0000C6000
|
direct allocation
|
page read and write
|
||
|
C0000D2000
|
direct allocation
|
page read and write
|
||
|
7FF7D5FE2000
|
unkown
|
page write copy
|
||
|
24B637A0000
|
direct allocation
|
page read and write
|
||
|
C000054000
|
direct allocation
|
page read and write
|
||
|
7FF7D63D2000
|
unkown
|
page read and write
|
||
|
C000056000
|
direct allocation
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
24B5E2E2000
|
heap
|
page read and write
|
||
|
C000018000
|
direct allocation
|
page read and write
|
||
|
C000050000
|
direct allocation
|
page read and write
|
||
|
C000084000
|
direct allocation
|
page read and write
|
||
|
24B5E2C4000
|
heap
|
page read and write
|
||
|
24B5E2D7000
|
heap
|
page read and write
|
||
|
7FF7D5BD0000
|
unkown
|
page readonly
|
||
|
24B5E2F3000
|
heap
|
page read and write
|
||
|
619F1FF000
|
stack
|
page read and write
|
||
|
C000110000
|
direct allocation
|
page read and write
|
||
|
C000080000
|
direct allocation
|
page read and write
|
||
|
C00011A000
|
direct allocation
|
page read and write
|
||
|
24B5E2BA000
|
heap
|
page read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
C0000A0000
|
direct allocation
|
page read and write
|
||
|
24B5E2C5000
|
heap
|
page read and write
|
||
|
24B5E304000
|
heap
|
page read and write
|
||
|
C000021000
|
direct allocation
|
page read and write
|
||
|
24B5E2D8000
|
heap
|
page read and write
|
||
|
24B5E2F7000
|
heap
|
page read and write
|
||
|
C0000BC000
|
direct allocation
|
page read and write
|
||
|
24B5E2D3000
|
heap
|
page read and write
|
||
|
7FF7D6344000
|
unkown
|
page read and write
|
||
|
24B5E2EF000
|
heap
|
page read and write
|
||
|
C0000BE000
|
direct allocation
|
page read and write
|
||
|
C00006C000
|
direct allocation
|
page read and write
|
||
|
24B5E2D0000
|
heap
|
page read and write
|
||
|
24B5E2AF000
|
heap
|
page read and write
|
||
|
C00016C000
|
direct allocation
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
24B5E615000
|
heap
|
page read and write
|
||
|
7FF7D6020000
|
unkown
|
page write copy
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
24B6373D000
|
direct allocation
|
page read and write
|
||
|
C0000BA000
|
direct allocation
|
page read and write
|
||
|
C00008E000
|
direct allocation
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
24B5E2FB000
|
heap
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
619F5FE000
|
stack
|
page read and write
|
||
|
C000173000
|
direct allocation
|
page read and write
|
||
|
24B5E2D0000
|
heap
|
page read and write
|
||
|
24B5E2AF000
|
heap
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
7FF7D5FDF000
|
unkown
|
page read and write
|
||
|
24B5E2DA000
|
heap
|
page read and write
|
||
|
24B5E250000
|
heap
|
page read and write
|
||
|
24B63725000
|
direct allocation
|
page read and write
|
||
|
C0000B0000
|
direct allocation
|
page read and write
|
||
|
C0000D4000
|
direct allocation
|
page read and write
|
||
|
C0001AF000
|
direct allocation
|
page read and write
|
||
|
24B5E2DB000
|
heap
|
page read and write
|
||
|
C000126000
|
direct allocation
|
page read and write
|
||
|
24B6395E000
|
direct allocation
|
page read and write
|
||
|
24B5E2B5000
|
heap
|
page read and write
|
||
|
7FF7D63D3000
|
unkown
|
page readonly
|
||
|
C000128000
|
direct allocation
|
page read and write
|
||
|
24B5E5E0000
|
direct allocation
|
page read and write
|
||
|
24B5E304000
|
heap
|
page read and write
|
||
|
24B5E2D2000
|
heap
|
page read and write
|
||
|
24B5E2E2000
|
heap
|
page read and write
|
||
|
24B5E2DA000
|
heap
|
page read and write
|
||
|
C00011C000
|
direct allocation
|
page read and write
|
||
|
24B5E280000
|
heap
|
page read and write
|
||
|
24B5E488000
|
direct allocation
|
page read and write
|
||
|
24B5E2FF000
|
heap
|
page read and write
|
||
|
24B5E2B0000
|
heap
|
page read and write
|
||
|
C000096000
|
direct allocation
|
page read and write
|
||
|
C000052000
|
direct allocation
|
page read and write
|
||
|
24B5E2AF000
|
heap
|
page read and write
|
||
|
24B5E2FF000
|
heap
|
page read and write
|
||
|
24B5E2F4000
|
heap
|
page read and write
|
||
|
7FF7D5FE3000
|
unkown
|
page read and write
|
||
|
24B5E2E4000
|
heap
|
page read and write
|
||
|
C00010C000
|
direct allocation
|
page read and write
|
||
|
C000294000
|
direct allocation
|
page read and write
|
||
|
24B65620000
|
direct allocation
|
page read and write
|
||
|
24B5E2B4000
|
heap
|
page read and write
|
||
|
24B5E305000
|
heap
|
page read and write
|
||
|
C000090000
|
direct allocation
|
page read and write
|
||
|
7FF7D63D5000
|
unkown
|
page write copy
|
||
|
7FF7D6363000
|
unkown
|
page read and write
|
||
|
C000026000
|
direct allocation
|
page read and write
|
||
|
C00011E000
|
direct allocation
|
page read and write
|
||
|
24B5E2D8000
|
heap
|
page read and write
|
||
|
7FF7D5BD1000
|
unkown
|
page execute read
|
||
|
24B5E305000
|
heap
|
page read and write
|
||
|
24B5E2B7000
|
heap
|
page read and write
|
||
|
24B5E305000
|
heap
|
page read and write
|
||
|
24B5E2CB000
|
heap
|
page read and write
|
||
|
C00006E000
|
direct allocation
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
24B5E2DA000
|
heap
|
page read and write
|
||
|
C000014000
|
direct allocation
|
page read and write
|
||
|
24B5E2FF000
|
heap
|
page read and write
|
||
|
24B5E2D1000
|
heap
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
C00023A000
|
direct allocation
|
page read and write
|
||
|
7FF7D63D3000
|
unkown
|
page readonly
|
||
|
C0001B3000
|
direct allocation
|
page read and write
|
||
|
24B5E2DB000
|
heap
|
page read and write
|
||
|
C00009E000
|
direct allocation
|
page read and write
|
||
|
C000148000
|
direct allocation
|
page read and write
|
||
|
24B5E2F7000
|
heap
|
page read and write
|
||
|
24B63720000
|
direct allocation
|
page read and write
|
||
|
C000062000
|
direct allocation
|
page read and write
|
||
|
C00010A000
|
direct allocation
|
page read and write
|
||
|
24B5E5F0000
|
direct allocation
|
page read and write
|
||
|
C00004D000
|
direct allocation
|
page read and write
|
||
|
7FF7D63D0000
|
unkown
|
page read and write
|
||
|
24B5E2DA000
|
heap
|
page read and write
|
||
|
619FDFF000
|
stack
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
C000098000
|
direct allocation
|
page read and write
|
||
|
24B5E286000
|
heap
|
page read and write
|
||
|
24B5E2F7000
|
heap
|
page read and write
|
||
|
C000006000
|
direct allocation
|
page read and write
|
||
|
24B5E2AF000
|
heap
|
page read and write
|
||
|
C0000A4000
|
direct allocation
|
page read and write
|
||
|
7FF7D5BD1000
|
unkown
|
page execute read
|
||
|
7FF7D63CB000
|
unkown
|
page read and write
|
||
|
24B5E610000
|
heap
|
page read and write
|
||
|
C000F95000
|
direct allocation
|
page read and write
|
||
|
C0000A8000
|
direct allocation
|
page read and write
|
||
|
C00002F000
|
direct allocation
|
page read and write
|
||
|
24B5E2CE000
|
heap
|
page read and write
|
||
|
C00005A000
|
direct allocation
|
page read and write
|
||
|
C000058000
|
direct allocation
|
page read and write
|
||
|
24B5E2D7000
|
heap
|
page read and write
|
||
|
7FF7D5FDF000
|
unkown
|
page write copy
|
||
|
C000122000
|
direct allocation
|
page read and write
|
||
|
C00028A000
|
direct allocation
|
page read and write
|
||
|
C00001A000
|
direct allocation
|
page read and write
|
||
|
24B5E2FE000
|
heap
|
page read and write
|
||
|
24B5E260000
|
heap
|
page read and write
|
||
|
24B5E2DA000
|
heap
|
page read and write
|
||
|
24B5E2DB000
|
heap
|
page read and write
|
||
|
C00007E000
|
direct allocation
|
page read and write
|
||
|
C000116000
|
direct allocation
|
page read and write
|
||
|
24B5E2B5000
|
heap
|
page read and write
|
||
|
C00005E000
|
direct allocation
|
page read and write
|
||
|
C0000C2000
|
direct allocation
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
C000012000
|
direct allocation
|
page read and write
|
||
|
24B63729000
|
direct allocation
|
page read and write
|
||
|
24B5E2FB000
|
heap
|
page read and write
|
||
|
C00010E000
|
direct allocation
|
page read and write
|
||
|
24B5E2D2000
|
heap
|
page read and write
|
||
|
24B5E484000
|
direct allocation
|
page read and write
|
||
|
C0000C8000
|
direct allocation
|
page read and write
|
||
|
C0000CA000
|
direct allocation
|
page read and write
|
||
|
7FF7D6022000
|
unkown
|
page read and write
|
||
|
C00008C000
|
direct allocation
|
page read and write
|
||
|
C001080000
|
direct allocation
|
page read and write
|
||
|
24B5E2E4000
|
heap
|
page read and write
|
||
|
24B65610000
|
direct allocation
|
page read and write
|
||
|
C0001AD000
|
direct allocation
|
page read and write
|
||
|
24B637A8000
|
direct allocation
|
page read and write
|
||
|
24B5E2D5000
|
heap
|
page read and write
|
||
|
24B6392D000
|
direct allocation
|
page read and write
|
||
|
C000FBE000
|
direct allocation
|
page read and write
|
||
|
24B5E2A7000
|
heap
|
page read and write
|
||
|
24B5E2CB000
|
heap
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
C000042000
|
direct allocation
|
page read and write
|
||
|
24B5E2BF000
|
heap
|
page read and write
|
||
|
C000298000
|
direct allocation
|
page read and write
|
||
|
C00004B000
|
direct allocation
|
page read and write
|
||
|
7FF7D601B000
|
unkown
|
page write copy
|
||
|
C000040000
|
direct allocation
|
page read and write
|
||
|
24B5E2B6000
|
heap
|
page read and write
|
||
|
C00003B000
|
direct allocation
|
page read and write
|
||
|
619F7FF000
|
stack
|
page read and write
|
There are 242 hidden memdumps, click here to show them.