Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.PWSX-gen.177.26778.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_d3e5259f869449b189bc189777f48eae9eafba1_238c56c6_77b46a27-816a-464b-b945-d5ab9894d071\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC45C.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Apr 23 15:44:36 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC49C.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC4DB.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.PWSX-gen.177.26778.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.177.26778.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.177.26778.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.177.26778.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.177.26778.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 416 -s 196
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/0
|
unknown
|
||
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
ProgramId
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
FileId
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
LongPathHash
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
Name
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
OriginalFileName
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
Publisher
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
Version
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
BinFileVersion
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
BinaryType
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
ProductName
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
ProductVersion
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
LinkDate
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
BinProductVersion
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
Size
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
Language
|
||
|
\REGISTRY\A\{d983bff6-120d-9515-2667-7a9b73c40d89}\Root\InventoryApplicationFile\securiteinfo.com|ccb67ba678a48714
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDABBE6B3
|
There are 13 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2B4C000
|
trusted library allocation
|
page read and write
|
||
|
C38000
|
heap
|
page read and write
|
||
|
2B42000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
B5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
BAF000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
C7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D0000
|
direct allocation
|
page execute and read and write
|
||
|
53D0000
|
heap
|
page read and write
|
||
|
7130000
|
heap
|
page read and write
|
||
|
4E0000
|
unkown
|
page readonly
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
5030000
|
trusted library allocation
|
page read and write
|
||
|
AA37000
|
trusted library allocation
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
C76000
|
trusted library allocation
|
page execute and read and write
|
||
|
73AF000
|
stack
|
page read and write
|
||
|
7495000
|
trusted library allocation
|
page read and write
|
||
|
E26F000
|
stack
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
4E20000
|
trusted library allocation
|
page read and write
|
||
|
53D5000
|
heap
|
page read and write
|
||
|
1418000
|
direct allocation
|
page execute and read and write
|
||
|
BB1000
|
heap
|
page read and write
|
||
|
530D000
|
stack
|
page read and write
|
||
|
2775000
|
trusted library allocation
|
page read and write
|
||
|
E12F000
|
stack
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
4E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7480000
|
trusted library allocation
|
page execute and read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4980000
|
trusted library allocation
|
page read and write
|
||
|
28F1000
|
trusted library allocation
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
BFD000
|
heap
|
page read and write
|
||
|
59EF000
|
heap
|
page read and write
|
||
|
C72000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
126E000
|
direct allocation
|
page execute and read and write
|
||
|
AFC000
|
stack
|
page read and write
|
||
|
4E9B000
|
stack
|
page read and write
|
||
|
DE6E000
|
stack
|
page read and write
|
||
|
E02E000
|
stack
|
page read and write
|
||
|
7CC000
|
stack
|
page read and write
|
||
|
C12000
|
heap
|
page read and write
|
||
|
1381000
|
direct allocation
|
page execute and read and write
|
||
|
6AC0000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
41E3000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C82000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
heap
|
page read and write
|
||
|
59F6000
|
heap
|
page read and write
|
||
|
2730000
|
trusted library allocation
|
page read and write
|
||
|
B63000
|
trusted library allocation
|
page read and write
|
||
|
7250000
|
trusted library section
|
page read and write
|
||
|
C24000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
11F9000
|
direct allocation
|
page execute and read and write
|
||
|
B7E000
|
heap
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
6BE2000
|
trusted library allocation
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
28E0000
|
heap
|
page execute and read and write
|
||
|
B54000
|
trusted library allocation
|
page read and write
|
||
|
1396000
|
direct allocation
|
page execute and read and write
|
||
|
42CE000
|
trusted library allocation
|
page read and write
|
||
|
4147000
|
trusted library allocation
|
page read and write
|
||
|
11FD000
|
direct allocation
|
page execute and read and write
|
||
|
BEF000
|
heap
|
page read and write
|
||
|
C8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
D17000
|
heap
|
page read and write
|
||
|
59F4000
|
heap
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
7220000
|
trusted library section
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
E3AE000
|
stack
|
page read and write
|
||
|
2762000
|
trusted library allocation
|
page read and write
|
||
|
38F1000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
C87000
|
trusted library allocation
|
page execute and read and write
|
||
|
E2AE000
|
stack
|
page read and write
|
||
|
273B000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
heap
|
page execute and read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
CEE000
|
stack
|
page read and write
|
||
|
711A000
|
heap
|
page read and write
|
||
|
72AE000
|
stack
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
B7B000
|
heap
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
BA4000
|
heap
|
page read and write
|
||
|
DE2E000
|
stack
|
page read and write
|
||
|
B97000
|
heap
|
page read and write
|
||
|
139D000
|
direct allocation
|
page execute and read and write
|
||
|
4E53000
|
heap
|
page read and write
|
||
|
2756000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
2DAF000
|
trusted library allocation
|
page read and write
|
||
|
2E06000
|
trusted library allocation
|
page read and write
|
||
|
274E000
|
trusted library allocation
|
page read and write
|
||
|
28C0000
|
trusted library allocation
|
page read and write
|
||
|
937000
|
stack
|
page read and write
|
||
|
5037000
|
trusted library allocation
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
4E50000
|
heap
|
page read and write
|
||
|
749E000
|
trusted library allocation
|
page read and write
|
||
|
B6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
2890000
|
trusted library allocation
|
page read and write
|
||
|
4E2000
|
unkown
|
page readonly
|
||
|
E16E000
|
stack
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
48F0000
|
trusted library section
|
page read and write
|
||
|
2760000
|
trusted library allocation
|
page read and write
|
||
|
272C000
|
stack
|
page read and write
|
||
|
4A8C000
|
stack
|
page read and write
|
||
|
4EA0000
|
trusted library section
|
page readonly
|
||
|
38F8000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
275D000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
7F410000
|
trusted library allocation
|
page execute and read and write
|
||
|
70C0000
|
heap
|
page read and write
|
||
|
710E000
|
heap
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
2751000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
4195000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
7240000
|
trusted library section
|
page read and write
|
||
|
70BE000
|
stack
|
page read and write
|
||
|
5310000
|
trusted library section
|
page read and write
|
||
|
59D0000
|
heap
|
page read and write
|
||
|
B53000
|
trusted library allocation
|
page execute and read and write
|
There are 138 hidden memdumps, click here to show them.