Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.PWSX-gen.12561.19906.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Win32.PWSX-gen.12561.19906.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.12561.19906.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.12561.19906.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.12561.19906.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.PWSX-gen.12561.19906.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mail.orako.co.ke
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://orako.co.ke
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
orako.co.ke
|
34.195.165.88
|
|
|
|
mail.orako.co.ke
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.195.165.88
|
orako.co.ke
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4A77000
|
trusted library allocation
|
page read and write
|
|
|
|
5C30000
|
trusted library section
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
4089000
|
trusted library allocation
|
page read and write
|
|
|
|
2B0E000
|
trusted library allocation
|
page read and write
|
|
|
|
2AC1000
|
trusted library allocation
|
page read and write
|
|
|
|
2B16000
|
trusted library allocation
|
page read and write
|
|
|
|
C3B000
|
heap
|
page read and write
|
||
|
6040000
|
trusted library allocation
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
3AE9000
|
trusted library allocation
|
page read and write
|
||
|
15FE000
|
stack
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
5840000
|
heap
|
page execute and read and write
|
||
|
64C0000
|
trusted library allocation
|
page read and write
|
||
|
52BC000
|
stack
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
12F3000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
C20000
|
unkown
|
page readonly
|
||
|
138D000
|
trusted library allocation
|
page execute and read and write
|
||
|
799000
|
stack
|
page read and write
|
||
|
2F60000
|
trusted library allocation
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F5D000
|
stack
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
28E4000
|
trusted library allocation
|
page read and write
|
||
|
48F0000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
EDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
6740000
|
heap
|
page read and write
|
||
|
5EEC000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
trusted library allocation
|
page read and write
|
||
|
4F32000
|
trusted library allocation
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
2B0C000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
2E88000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
2B23000
|
trusted library allocation
|
page read and write
|
||
|
53FE000
|
stack
|
page read and write
|
||
|
7710000
|
heap
|
page read and write
|
||
|
12CB000
|
heap
|
page read and write
|
||
|
5670000
|
heap
|
page read and write
|
||
|
5950000
|
heap
|
page read and write
|
||
|
4F2D000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
5C5E000
|
stack
|
page read and write
|
||
|
13B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
493E000
|
trusted library allocation
|
page read and write
|
||
|
7F4A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
124E000
|
heap
|
page read and write
|
||
|
167C000
|
stack
|
page read and write
|
||
|
5690000
|
heap
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page execute and read and write
|
||
|
C22000
|
unkown
|
page readonly
|
||
|
1393000
|
trusted library allocation
|
page read and write
|
||
|
1267000
|
heap
|
page read and write
|
||
|
51BC000
|
stack
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page execute and read and write
|
||
|
5F00000
|
trusted library allocation
|
page read and write
|
||
|
2F2B000
|
trusted library allocation
|
page read and write
|
||
|
307F000
|
stack
|
page read and write
|
||
|
2970000
|
heap
|
page execute and read and write
|
||
|
13BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
5600000
|
trusted library allocation
|
page execute and read and write
|
||
|
790E000
|
stack
|
page read and write
|
||
|
4F1E000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1020000
|
trusted library allocation
|
page execute and read and write
|
||
|
5EE0000
|
trusted library allocation
|
page read and write
|
||
|
736E000
|
stack
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
EEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
9DB0000
|
trusted library section
|
page read and write
|
||
|
61FE000
|
stack
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
4F21000
|
trusted library allocation
|
page read and write
|
||
|
4F04000
|
trusted library allocation
|
page read and write
|
||
|
2F70000
|
heap
|
page execute and read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
16B0000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
566B000
|
stack
|
page read and write
|
||
|
3318000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
6402000
|
heap
|
page read and write
|
||
|
293C000
|
stack
|
page read and write
|
||
|
63D0000
|
heap
|
page read and write
|
||
|
13A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
139D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6047000
|
trusted library allocation
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
5488000
|
trusted library allocation
|
page read and write
|
||
|
13A2000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
10F7000
|
stack
|
page read and write
|
||
|
D6A000
|
stack
|
page read and write
|
||
|
5480000
|
trusted library allocation
|
page read and write
|
||
|
6500000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
EBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
35A5000
|
trusted library allocation
|
page read and write
|
||
|
7210000
|
trusted library section
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
726E000
|
stack
|
page read and write
|
||
|
3AC9000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
5F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD2000
|
heap
|
page read and write
|
||
|
7510000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F24000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
EE2000
|
trusted library allocation
|
page read and write
|
||
|
12E3000
|
heap
|
page read and write
|
||
|
2F4D000
|
trusted library allocation
|
page read and write
|
||
|
594D000
|
stack
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
5B5E000
|
stack
|
page read and write
|
||
|
6EDDD000
|
unkown
|
page read and write
|
||
|
6EDC0000
|
unkown
|
page readonly
|
||
|
64F0000
|
heap
|
page read and write
|
||
|
7739000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
EE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
16D0000
|
heap
|
page read and write
|
||
|
13AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1680000
|
trusted library allocation
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
EE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1282000
|
heap
|
page read and write
|
||
|
5BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1384000
|
trusted library allocation
|
page read and write
|
||
|
13B2000
|
trusted library allocation
|
page read and write
|
||
|
ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
16A0000
|
trusted library allocation
|
page read and write
|
||
|
4BBD000
|
stack
|
page read and write
|
||
|
4F1A000
|
trusted library allocation
|
page read and write
|
||
|
2F20000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
29A3000
|
heap
|
page read and write
|
||
|
5960000
|
heap
|
page read and write
|
||
|
6050000
|
trusted library allocation
|
page read and write
|
||
|
9D2E000
|
stack
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
7565000
|
trusted library allocation
|
page read and write
|
||
|
3081000
|
trusted library allocation
|
page read and write
|
||
|
D16E000
|
stack
|
page read and write
|
||
|
32FB000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
6EDC1000
|
unkown
|
page execute read
|
||
|
EB4000
|
trusted library allocation
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
543E000
|
stack
|
page read and write
|
||
|
331A000
|
trusted library allocation
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
5EF0000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
EB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
498C000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
trusted library allocation
|
page read and write
|
||
|
56A3000
|
heap
|
page read and write
|
||
|
E6E000
|
stack
|
page read and write
|
||
|
32FE000
|
trusted library allocation
|
page read and write
|
||
|
32E5000
|
trusted library allocation
|
page read and write
|
||
|
3B25000
|
trusted library allocation
|
page read and write
|
||
|
28E0000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
4081000
|
trusted library allocation
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5675000
|
heap
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
6EDDF000
|
unkown
|
page readonly
|
||
|
1383000
|
trusted library allocation
|
page execute and read and write
|
||
|
5680000
|
trusted library section
|
page readonly
|
||
|
2F52000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
C34000
|
heap
|
page read and write
|
||
|
D06F000
|
stack
|
page read and write
|
||
|
3AC1000
|
trusted library allocation
|
page read and write
|
||
|
4F06000
|
trusted library allocation
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
1313000
|
heap
|
page read and write
|
||
|
BD5000
|
heap
|
page read and write
|
||
|
5820000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
4F12000
|
trusted library allocation
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2838000
|
trusted library allocation
|
page read and write
|
||
|
517C000
|
stack
|
page read and write
|
||
|
2F3E000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
ED2000
|
trusted library allocation
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
BA8000
|
heap
|
page read and write
|
||
|
63C0000
|
heap
|
page read and write
|
||
|
6EDDD000
|
unkown
|
page read and write
|
||
|
330F000
|
trusted library allocation
|
page read and write
|
||
|
4F0B000
|
trusted library allocation
|
page read and write
|
||
|
4F26000
|
trusted library allocation
|
page read and write
|
||
|
5A50000
|
heap
|
page read and write
|
||
|
5F06000
|
trusted library allocation
|
page read and write
|
||
|
5B50000
|
trusted library allocation
|
page read and write
|
||
|
2ABE000
|
stack
|
page read and write
|
||
|
4F0E000
|
trusted library allocation
|
page read and write
|
||
|
6EDD6000
|
unkown
|
page readonly
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
2F46000
|
trusted library allocation
|
page read and write
|
||
|
CE6E000
|
stack
|
page read and write
|
||
|
2F41000
|
trusted library allocation
|
page read and write
|
||
|
16B5000
|
trusted library allocation
|
page read and write
|
||
|
16D7000
|
heap
|
page read and write
|
||
|
163E000
|
stack
|
page read and write
|
||
|
52FE000
|
stack
|
page read and write
|
There are 224 hidden memdumps, click here to show them.