IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
initial sample
malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_8b6bc30ae81dc2afea68c3eabac594fb8e9329_ac3115bf_13acbd2a-08b8-421e-b81f-57c23bf42259\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
malicious
C:\ProgramData\Microsoft\Windows\WER\Temp\WER73F3.tmp.dmp
Mini DuMP crash report, 15 streams, Sat Nov 30 04:01:54 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER754B.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER756C.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\HFInUAYNqgsnDSwNdDpz.dll
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\service123.exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default"
malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2420 --field-trial-handle=2360,i,13484378935357473721,8351465032550903243,262144 /prefetch:8
malicious
C:\Users\user\AppData\Local\Temp\service123.exe
"C:\Users\user\AppData\Local\Temp\service123.exe"
malicious
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /create /tn "ServiceData4" /tr "C:\Users\user\AppData\Local\Temp\/service123.exe" /st 00:01 /du 9800:59 /sc once /ri 1 /f
malicious
C:\Users\user\AppData\Local\Temp\service123.exe
C:\Users\user\AppData\Local\Temp\/service123.exe
malicious
C:\Users\user\AppData\Local\Temp\service123.exe
C:\Users\user\AppData\Local\Temp\/service123.exe
malicious
C:\Users\user\AppData\Local\Temp\service123.exe
C:\Users\user\AppData\Local\Temp\/service123.exe
malicious
C:\Users\user\AppData\Local\Temp\service123.exe
C:\Users\user\AppData\Local\Temp\/service123.exe
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1656 -s 1296
There are 1 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://home.twentykx20pt.top/bugEWhhZIPIipxajeFfO1732855736?argument=WPLtZeXDD4KyKIMk1732939208
34.118.84.150
malicious
home.twentykx20pt.top
malicious
https://duckduckgo.com/chrome_newtab
unknown
https://gcc.gnu.org/bugs/):
unknown
https://mail.google.com/mail/?usp=installed_webapp
unknown
https://duckduckgo.com/ac/?q=
unknown
https://safebrowsing.google.com/safebrowsing/clientreport/chrome-sct-auditing
unknown
https://clients3.google.com/cast/chromecast/home/wallpaper/image?rt=b
unknown
https://docs.google.com/document/J
unknown
https://myaccount.google.com/find-your-phone?utm_source=ga-chrome-actions&utm_medium=findYourPhone
unknown
http://anglebug.com/4633
unknown
https://anglebug.com/7382
unknown
https://issuetracker.google.com/284462263
unknown
https://keep.google.com/u/0/?usp=chrome_actions#NEWNOTEkly
unknown
http://polymer.github.io/AUTHORS.txt
unknown
https://docs.google.com/
unknown
https://docs.google.com/document/:
unknown
https://photos.google.com/settings?referrer=CHROME_NTP
unknown
https://anglebug.com/7714
unknown
http://unisolated.invalid/
unknown
https://www.google.com/chrome/tips/
unknown
https://drive.google.com/?lfhs=2
unknown
http://anglebug.com/6248
unknown
http://anglebug.com/6929
unknown
http://anglebug.com/5281
unknown
https://www.youtube.com/?feature=ytca
unknown
https://docs.googl0
unknown
https://issuetracker.google.com/255411748
unknown
https://docs.google.com/document/u/0/create?usp=chrome_actions
unknown
https://anglebug.com/7246
unknown
https://anglebug.com/7369
unknown
https://anglebug.com/7489
unknown
https://docs.google.com/presentation/
unknown
https://duckduckgo.com/?q=
unknown
https://chrome.google.com/webstore
unknown
https://drive-daily-2.corp.google.com/
unknown