Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Program.Unwanted.5531.23089.22779.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\4ddigdllfixer_4ddig\4ddigdllfixer_4ddig_20240424042756790.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Program.Unwanted.5531.23089.22779.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Program.Unwanted.5531.23089.22779.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://dl.tenorshare.net/AnyDataRecovery_any_x64.exe
|
unknown
|
||
|
http://dl.tenorshare.net/AnyDataRecovery_net_x64.exe
|
unknown
|
||
|
https://download.tenorshare.com/downloads/extra/4ddigdllfixer_4ddig.exe;
|
unknown
|
||
|
http://download.wondershare.com/cbs_down/drfone_recover_full3366.exe
|
unknown
|
||
|
https://analytics.afirstsoft.cn/collect
|
unknown
|
||
|
https://download.tenorshare.com/downloads/extra/4ddigdllfixer_4ddig.exey
|
unknown
|
||
|
https://integrated.tenorshare.com/api/v1/ticket/feedback
|
unknown
|
||
|
http://curl.haxx.se/docs/http-cookies.html#
|
unknown
|
||
|
http://crl.mic
|
unknown
|
||
|
https://download.tenorshh
|
unknown
|
||
|
https://download.any-data-recovery.com/downloads/extra/AnyDataRecovery_any_x64.exe
|
unknown
|
||
|
https://download.tenorshare.com/downad
|
unknown
|
||
|
https://www.tenorshare.com/downloads/service/softwarelog.txt
|
unknown
|
||
|
https://download.tenorshare.com/down
|
unknown
|
||
|
https://product-alert.afirstsoft.cn/api/exception/sendpid=%d&type=2&exception_code=Hash_Check_Fail_C
|
unknown
|
||
|
https://download.tenorshare.com/downloads/extra/4ddigdllfixer_4ddig.exexD
|
unknown
|
||
|
https://update.tenorshare.cn/download/checkCross?cross_end_id=%s
|
unknown
|
||
|
http://www.openssl.org/support/faq.html
|
unknown
|
||
|
http://curl.haxx.se/docs/http-cookies.html
|
unknown
|
||
|
https://download.tenorshare.com/downloads/extra/4ddigdllfixer_4ddig.exe
|
unknown
|
||
|
https://www.tenorshare.com/downloads/service/softwarelog.txtnQ
|
unknown
|
||
|
https://integrated.tenorshare.com/api/v1/ticket/feedback&subject=&version=&log_id=&content=&useremai
|
unknown
|
||
|
https://www.tenorshare.com/
|
unknown
|
||
|
https://download.tenorshare.net/downloads/extra/AnyDataRecovery_net_x64.exe
|
unknown
|
||
|
https://update.tenorshare.com/queryDownloader?LanguageId=1033&SoftWareID=%d&SiteID=1%s
|
unknown
|
||
|
https://update.tenorshare.com/download/checkCross?cross_end_id=%s
|
unknown
|
||
|
https://update.tenorshare.com/queryDownloader?LanguageId=%d&SoftWareID=%d&SiteID=%d%s
|
unknown
|
||
|
https://analytics-test.afirstsoft.cn/collector
|
unknown
|
||
|
https://product-alert.afirstsoft.cn/api/exception/send
|
unknown
|
||
|
http://www.tenorshare.com/downloads/service/softwarelog.txt
|
unknown
|
||
|
http://www.tenorshare.com/downloads/service/softwarelog.txthttp://ip-api.com/csvsuccess/QueryTools?L
|
unknown
|
||
|
http://update.tenorshare.com/queryDownloader?LanguageId=%d&SoftWareID=%d&SiteID=%d%s&package_type=2h
|
unknown
|
||
|
https://analytics-test.afirstsoft.cn/collectorurl:mac
|
unknown
|
||
|
https://check.mobie.appcloudd$L
|
unknown
|
||
|
https://download.tenorshare.com/downloads/extra/AnyDataRecovery_ts_x64.exe
|
unknown
|
||
|
http://update.tenorshare.cn/download/checkCross?cross_end_id=%s
|
unknown
|
||
|
http://ip-api.com/csv
|
208.95.112.1
|
||
|
https://check.mobie.app
|
unknown
|
||
|
http://dl.tenorshare.net/AnyDataRecovery_ts_x64.exe
|
unknown
|
||
|
http://update.tenorshare.com/queryDownloader?LanguageId=%d&SoftWareID=%d&SiteID=%d%s
|
unknown
|
||
|
https://update.tenorshare.cn/queryDownloader?LanguageId=%d&SoftWareID=%d&SiteID=%d%s
|
unknown
|
There are 31 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
||
|
www.tenorshare.com
|
unknown
|
||
|
update.tenorshare.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Tenorshare\Downloader2.5.0
|
GA_PC
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\GuidGuidold
|
guid
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\GuidGuidold
|
user_id
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5DCC000
|
heap
|
page read and write
|
||
|
574A000
|
heap
|
page read and write
|
||
|
A32000
|
heap
|
page read and write
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
5D55000
|
heap
|
page read and write
|
||
|
4C6D000
|
heap
|
page read and write
|
||
|
EF9000
|
heap
|
page read and write
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
5DBB000
|
heap
|
page read and write
|
||
|
A7B000
|
heap
|
page read and write
|
||
|
2625000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
2621000
|
heap
|
page read and write
|
||
|
5BA0000
|
heap
|
page read and write
|
||
|
2601000
|
heap
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
4BEF000
|
stack
|
page read and write
|
||
|
3501000
|
heap
|
page read and write
|
||
|
A6D000
|
heap
|
page read and write
|
||
|
5E26000
|
heap
|
page read and write
|
||
|
2634000
|
heap
|
page read and write
|
||
|
384F000
|
stack
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
7C6000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
A54000
|
heap
|
page read and write
|
||
|
262F000
|
heap
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2682000
|
heap
|
page read and write
|
||
|
2677000
|
heap
|
page read and write
|
||
|
6D1000
|
unkown
|
page execute and read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
A81000
|
heap
|
page read and write
|
||
|
A71000
|
heap
|
page read and write
|
||
|
5DCB000
|
heap
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
A3E000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2B3E000
|
stack
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
A8A000
|
heap
|
page read and write
|
||
|
4BF6000
|
heap
|
page read and write
|
||
|
5D6B000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
A85000
|
heap
|
page read and write
|
||
|
5AB0000
|
heap
|
page read and write
|
||
|
5DB5000
|
heap
|
page read and write
|
||
|
4C4F000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
5CA0000
|
heap
|
page read and write
|
||
|
A81000
|
heap
|
page read and write
|
||
|
5A2E000
|
stack
|
page read and write
|
||
|
4CAF000
|
heap
|
page read and write
|
||
|
5E26000
|
heap
|
page read and write
|
||
|
34EC000
|
heap
|
page read and write
|
||
|
2682000
|
heap
|
page read and write
|
||
|
364E000
|
heap
|
page read and write
|
||
|
4F70000
|
remote allocation
|
page read and write
|
||
|
4F70000
|
remote allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2622000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
5DCB000
|
heap
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
267B000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
25EE000
|
stack
|
page read and write
|
||
|
26EF000
|
heap
|
page read and write
|
||
|
35B2000
|
heap
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
2645000
|
heap
|
page read and write
|
||
|
5DB8000
|
heap
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
5DD4000
|
heap
|
page read and write
|
||
|
A54000
|
heap
|
page read and write
|
||
|
5DE2000
|
heap
|
page read and write
|
||
|
2632000
|
heap
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
A53000
|
heap
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
59B9000
|
heap
|
page read and write
|
||
|
2681000
|
heap
|
page read and write
|
||
|
59F0000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
59F0000
|
remote allocation
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
4C25000
|
heap
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
3651000
|
heap
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
4C3A000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
3578000
|
heap
|
page read and write
|
||
|
5DD4000
|
heap
|
page read and write
|
||
|
2620000
|
heap
|
page read and write
|
||
|
34CB000
|
heap
|
page read and write
|
||
|
4C3A000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
267B000
|
heap
|
page read and write
|
||
|
A84000
|
heap
|
page read and write
|
||
|
A87000
|
heap
|
page read and write
|
||
|
50EC000
|
stack
|
page read and write
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
2665000
|
heap
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
35BB000
|
heap
|
page read and write
|
||
|
A54000
|
heap
|
page read and write
|
||
|
5CD2000
|
heap
|
page read and write
|
||
|
5D55000
|
heap
|
page read and write
|
||
|
374E000
|
stack
|
page read and write
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
3595000
|
heap
|
page read and write
|
||
|
A81000
|
heap
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
5DDF000
|
heap
|
page read and write
|
||
|
A53000
|
heap
|
page read and write
|
||
|
5E0F000
|
heap
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
3742000
|
heap
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
5DD4000
|
heap
|
page read and write
|
||
|
4CC0000
|
heap
|
page read and write
|
||
|
5DCB000
|
heap
|
page read and write
|
||
|
6BE000
|
unkown
|
page execute and read and write
|
||
|
A54000
|
heap
|
page read and write
|
||
|
2632000
|
heap
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
A41000
|
heap
|
page read and write
|
||
|
5E26000
|
heap
|
page read and write
|
||
|
AF7000
|
heap
|
page read and write
|
||
|
4CA7000
|
heap
|
page read and write
|
||
|
2691000
|
heap
|
page read and write
|
||
|
2632000
|
heap
|
page read and write
|
||
|
5CCE000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
5DE2000
|
heap
|
page read and write
|
||
|
2666000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
3557000
|
heap
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
836000
|
heap
|
page read and write
|
||
|
A71000
|
heap
|
page read and write
|
||
|
26A9000
|
heap
|
page read and write
|
||
|
A53000
|
heap
|
page read and write
|
||
|
349A000
|
heap
|
page read and write
|
||
|
A47000
|
heap
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
5DA4000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
264B000
|
heap
|
page read and write
|
||
|
5E0F000
|
heap
|
page read and write
|
||
|
350A000
|
heap
|
page read and write
|
||
|
A49000
|
heap
|
page read and write
|
||
|
AF9000
|
heap
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
2681000
|
heap
|
page read and write
|
||
|
388E000
|
stack
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
4C69000
|
heap
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
5E0F000
|
heap
|
page read and write
|
||
|
3505000
|
heap
|
page read and write
|
||
|
A82000
|
heap
|
page read and write
|
||
|
5DE2000
|
heap
|
page read and write
|
||
|
A51000
|
heap
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
51DD000
|
stack
|
page read and write
|
||
|
A82000
|
heap
|
page read and write
|
||
|
2622000
|
heap
|
page read and write
|
||
|
5E0F000
|
heap
|
page read and write
|
||
|
5DE2000
|
heap
|
page read and write
|
||
|
51ED000
|
stack
|
page read and write
|
||
|
5DDF000
|
heap
|
page read and write
|
||
|
4CBC000
|
heap
|
page read and write
|
||
|
5DB9000
|
heap
|
page read and write
|
||
|
599F000
|
stack
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
A98000
|
heap
|
page read and write
|
||
|
35B8000
|
heap
|
page read and write
|
||
|
EF5000
|
heap
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
2691000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
59BD000
|
heap
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
5DDF000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
A89000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
5DD4000
|
heap
|
page read and write
|
||
|
26A9000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
2681000
|
heap
|
page read and write
|
||
|
2691000
|
heap
|
page read and write
|
||
|
2633000
|
heap
|
page read and write
|
||
|
50AF000
|
stack
|
page read and write
|
||
|
603000
|
unkown
|
page execute and write copy
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
5DE2000
|
heap
|
page read and write
|
||
|
5CCB000
|
heap
|
page read and write
|
||
|
267F000
|
heap
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
4C42000
|
heap
|
page read and write
|
||
|
5DDF000
|
heap
|
page read and write
|
||
|
AAB000
|
heap
|
page read and write
|
||
|
A89000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
3508000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
4CB7000
|
heap
|
page read and write
|
||
|
A49000
|
heap
|
page read and write
|
||
|
4C42000
|
heap
|
page read and write
|
||
|
629F000
|
unkown
|
page read and write
|
||
|
3409000
|
heap
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
A49000
|
heap
|
page read and write
|
||
|
4BF1000
|
heap
|
page read and write
|
||
|
262E000
|
heap
|
page read and write
|
||
|
A72000
|
heap
|
page read and write
|
||
|
195000
|
stack
|
page read and write
|
||
|
26AE000
|
heap
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
4CD7000
|
heap
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
370F000
|
unkown
|
page read and write
|
||
|
6D3000
|
unkown
|
page execute and read and write
|
||
|
A6B000
|
heap
|
page read and write
|
||
|
5DD4000
|
heap
|
page read and write
|
||
|
5E26000
|
heap
|
page read and write
|
||
|
7C6000
|
unkown
|
page read and write
|
||
|
5E0F000
|
heap
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
3664000
|
heap
|
page read and write
|
||
|
2633000
|
heap
|
page read and write
|
||
|
A0A000
|
heap
|
page read and write
|
||
|
AF1000
|
heap
|
page read and write
|
||
|
5DD8000
|
heap
|
page read and write
|
||
|
5D55000
|
heap
|
page read and write
|
||
|
A79000
|
heap
|
page read and write
|
||
|
5DDF000
|
heap
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
2621000
|
heap
|
page read and write
|
||
|
CFF000
|
stack
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
2645000
|
heap
|
page read and write
|
||
|
5D7E000
|
heap
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
A36000
|
heap
|
page read and write
|
||
|
7C5000
|
unkown
|
page execute and write copy
|
||
|
A87000
|
heap
|
page read and write
|
||
|
4C9B000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
A6F000
|
heap
|
page read and write
|
||
|
26D4000
|
heap
|
page read and write
|
||
|
A55000
|
heap
|
page read and write
|
||
|
362B000
|
heap
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
4CB9000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
5CD2000
|
heap
|
page read and write
|
||
|
5DCB000
|
heap
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
ECC000
|
stack
|
page read and write
|
||
|
2677000
|
heap
|
page read and write
|
||
|
4D09000
|
heap
|
page read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
5D84000
|
heap
|
page read and write
|
||
|
BFF000
|
stack
|
page read and write
|
||
|
5E26000
|
heap
|
page read and write
|
||
|
7B5000
|
unkown
|
page execute and read and write
|
There are 294 hidden memdumps, click here to show them.