Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
cambridge.shareholdersuite.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
||
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_cambridge.shareh_b0b1b6854f979e9e27d3f079aaadcb4db67090f2_dd0f84fe_82132d7a-9be1-4710-9e0b-377f233cb68f\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER74FA.tmp.dmp
|
Mini DuMP crash report, 14 streams, Tue Feb 7 18:54:09 2023, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER76EF.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER775D.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
C:\Windows\appcompat\Programs\Amcache.hve.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
20.189.173.20
|
unknown
|
United States
|