Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
QR-Code.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
||
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_QR-Code.exe_b9f18af12be74e1c59f420cd1792bde82da23_c34d70d2_e652e088-48e5-4024-9b6a-4cd42a0b43a5\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDB81.tmp.dmp
|
Mini DuMP crash report, 15 streams, Tue Apr 23 12:52:49 2024, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDCE9.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDD19.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
20.42.73.29
|
unknown
|
United States
|