Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.MSIL.Kryptik.ALLD.tr.8114.2947.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6A45.tmp.dmp
|
Mini DuMP crash report, 15 streams, Mon Apr 29 16:23:56 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6BDD.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6C1C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.MSIL.Kryptik.ALLD.tr.8114.2947.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.MSIL.Kryptik.ALLD.tr.8114.2947.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.MSIL.Kryptik.ALLD.tr.8114.2947.exe"
|
|
|
|
C:\Users\user\Desktop\SecuriteInfo.com.MSIL.Kryptik.ALLD.tr.8114.2947.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.MSIL.Kryptik.ALLD.tr.8114.2947.exe"
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4696 -s 1304
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dav12221.duckdns.org
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dav12221.duckdns.org
|
207.32.218.48
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
207.32.218.48
|
dav12221.duckdns.org
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
ProgramId
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
FileId
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
LongPathHash
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
Name
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
OriginalFileName
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
Publisher
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
Version
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
BinFileVersion
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
BinaryType
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
ProductName
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
ProductVersion
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
LinkDate
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
BinProductVersion
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
Size
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
Language
|
||
|
\REGISTRY\A\{b5814394-091d-4473-9825-08b692c749f5}\Root\InventoryApplicationFile\securiteinfo.com|a8fe46e8e33d9a37
|
Usn
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
34D1000
|
trusted library allocation
|
page read and write
|
|
|
|
1373000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
51AD000
|
trusted library allocation
|
page read and write
|
||
|
F6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1823000
|
trusted library allocation
|
page execute and read and write
|
||
|
1996000
|
trusted library allocation
|
page execute and read and write
|
||
|
5184000
|
trusted library allocation
|
page read and write
|
||
|
53F1000
|
trusted library allocation
|
page read and write
|
||
|
5E2E000
|
stack
|
page read and write
|
||
|
1390000
|
trusted library allocation
|
page read and write
|
||
|
5ACE000
|
stack
|
page read and write
|
||
|
F73000
|
trusted library allocation
|
page read and write
|
||
|
34CE000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
40C000
|
remote allocation
|
page execute and read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
FC7000
|
heap
|
page read and write
|
||
|
113B000
|
stack
|
page read and write
|
||
|
6810000
|
heap
|
page read and write
|
||
|
5B5D000
|
stack
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
5995000
|
trusted library allocation
|
page read and write
|
||
|
4C68000
|
trusted library allocation
|
page read and write
|
||
|
1041000
|
heap
|
page read and write
|
||
|
19C0000
|
trusted library allocation
|
page read and write
|
||
|
14F5000
|
stack
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
518E000
|
trusted library allocation
|
page read and write
|
||
|
59B0000
|
trusted library allocation
|
page read and write
|
||
|
5192000
|
trusted library allocation
|
page read and write
|
||
|
599D000
|
trusted library allocation
|
page read and write
|
||
|
19A7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
3300000
|
heap
|
page execute and read and write
|
||
|
5952000
|
trusted library allocation
|
page read and write
|
||
|
2C61000
|
trusted library allocation
|
page read and write
|
||
|
1830000
|
heap
|
page read and write
|
||
|
FAF000
|
heap
|
page read and write
|
||
|
FE2000
|
unkown
|
page readonly
|
||
|
5B05000
|
trusted library allocation
|
page read and write
|
||
|
1984000
|
trusted library allocation
|
page read and write
|
||
|
19A0000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1399000
|
trusted library allocation
|
page read and write
|
||
|
1A68000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
1A70000
|
trusted library allocation
|
page read and write
|
||
|
F7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
519E000
|
trusted library allocation
|
page read and write
|
||
|
F86000
|
trusted library allocation
|
page execute and read and write
|
||
|
566D000
|
stack
|
page read and write
|
||
|
1820000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1545000
|
heap
|
page read and write
|
||
|
13A5000
|
trusted library allocation
|
page read and write
|
||
|
62EE000
|
stack
|
page read and write
|
||
|
3C61000
|
trusted library allocation
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
5AD4000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
1990000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page execute and read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page execute and read and write
|
||
|
5DEF000
|
stack
|
page read and write
|
||
|
199A000
|
trusted library allocation
|
page execute and read and write
|
||
|
D37000
|
stack
|
page read and write
|
||
|
595B000
|
trusted library allocation
|
page read and write
|
||
|
FC4000
|
heap
|
page read and write
|
||
|
5450000
|
heap
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
unkown
|
page readonly
|
||
|
1A0E000
|
stack
|
page read and write
|
||
|
5AD0000
|
trusted library allocation
|
page read and write
|
||
|
150E000
|
heap
|
page read and write
|
||
|
197E000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
F98000
|
heap
|
page read and write
|
||
|
5B10000
|
trusted library section
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
56AE000
|
stack
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page read and write
|
||
|
5BA0000
|
heap
|
page execute and read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
1824000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
trusted library section
|
page read and write
|
||
|
59C0000
|
heap
|
page read and write
|
||
|
59FE000
|
stack
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
5985000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
5379000
|
stack
|
page read and write
|
||
|
5976000
|
trusted library allocation
|
page read and write
|
||
|
55CE000
|
stack
|
page read and write
|
||
|
518B000
|
trusted library allocation
|
page read and write
|
||
|
1A65000
|
trusted library allocation
|
page read and write
|
||
|
C3B000
|
stack
|
page read and write
|
||
|
19AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1292000
|
trusted library allocation
|
page read and write
|
||
|
51A6000
|
trusted library allocation
|
page read and write
|
||
|
5954000
|
trusted library allocation
|
page read and write
|
||
|
51C9000
|
trusted library allocation
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
FBA000
|
heap
|
page read and write
|
||
|
5AD9000
|
trusted library allocation
|
page read and write
|
||
|
129B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
61EE000
|
stack
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
F8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1527000
|
heap
|
page read and write
|
||
|
44D5000
|
trusted library allocation
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
32F8000
|
trusted library allocation
|
page read and write
|
||
|
44D1000
|
trusted library allocation
|
page read and write
|
||
|
150B000
|
heap
|
page read and write
|
||
|
599A000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
182D000
|
trusted library allocation
|
page execute and read and write
|
||
|
170E000
|
stack
|
page read and write
|
||
|
32E0000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
trusted library allocation
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
61AE000
|
stack
|
page read and write
|
||
|
5440000
|
heap
|
page execute and read and write
|
||
|
F64000
|
trusted library allocation
|
page read and write
|
||
|
1A90000
|
heap
|
page read and write
|
||
|
3C89000
|
trusted library allocation
|
page read and write
|
||
|
59BC000
|
stack
|
page read and write
|
||
|
1A4E000
|
stack
|
page read and write
|
||
|
152C000
|
heap
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
heap
|
page read and write
|
||
|
517A000
|
stack
|
page read and write
|
||
|
10A0000
|
unkown
|
page readonly
|
||
|
32E7000
|
trusted library allocation
|
page read and write
|
||
|
4DFD000
|
stack
|
page read and write
|
||
|
51B2000
|
trusted library allocation
|
page read and write
|
||
|
1542000
|
heap
|
page read and write
|
||
|
5971000
|
trusted library allocation
|
page read and write
|
||
|
58BA000
|
stack
|
page read and write
|
||
|
606E000
|
stack
|
page read and write
|
||
|
596E000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
180E000
|
stack
|
page read and write
|
||
|
51A1000
|
trusted library allocation
|
page read and write
|
||
|
562C000
|
stack
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page read and write
|
||
|
5F2F000
|
stack
|
page read and write
|
||
|
5ADE000
|
trusted library allocation
|
page read and write
|
||
|
187E000
|
stack
|
page read and write
|
||
|
3CC4000
|
trusted library allocation
|
page read and write
|
||
|
51C0000
|
trusted library allocation
|
page read and write
|
||
|
5F6E000
|
stack
|
page read and write
|
||
|
1573000
|
heap
|
page read and write
|
||
|
60AE000
|
stack
|
page read and write
|
||
|
F63000
|
trusted library allocation
|
page execute and read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
1A60000
|
trusted library allocation
|
page read and write
|
||
|
1297000
|
trusted library allocation
|
page execute and read and write
|
There are 165 hidden memdumps, click here to show them.