Analysis Overview
SHA256
dcb623cc7f3f21e92e4878c82ce79582fdf6ba1e5e0c76f19097d1496e6c4b08
Threat Level: Known bad
The file SecuriteInfo.com.Program.Unwanted.4610.15239.20339 was found to be: Known bad.
Malicious Activity Summary
PureLog Stealer
ZGRat
PureLog Stealer payload
Purelogstealer family
Detect ZGRat V1
Adds Run key to start application
Suspicious use of SetThreadContext
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-03-16 09:28
Signatures
PureLog Stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Purelogstealer family
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-16 09:28
Reported
2024-03-16 09:30
Platform
win7-20240221-en
Max time kernel
147s
Max time network
153s
Command Line
Signatures
PureLog Stealer
PureLog Stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | firstbaptiststjoe.org | udp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 8.8.8.8:53 | firstbaptiststjoe.org | udp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
Files
memory/1412-0-0x0000000000930000-0x00000000009AC000-memory.dmp
memory/1412-1-0x0000000073EE0000-0x00000000745CE000-memory.dmp
memory/1412-2-0x00000000048C0000-0x0000000004900000-memory.dmp
memory/1412-3-0x0000000000300000-0x000000000030A000-memory.dmp
memory/1412-4-0x0000000073EE0000-0x00000000745CE000-memory.dmp
memory/1412-5-0x00000000048C0000-0x0000000004900000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-03-16 09:28
Reported
2024-03-16 09:30
Platform
win10v2004-20240226-en
Max time kernel
137s
Max time network
154s
Command Line
Signatures
Detect ZGRat V1
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
PureLog Stealer
PureLog Stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
ZGRat
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Ozhvdskglxw = "C:\\Users\\Admin\\AppData\\Roaming\\Ozhvdskglxw.exe" | C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ckje = "C:\\Users\\Admin\\AppData\\Roaming\\deebf\\ckje.exe" | C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 928 set thread context of 2564 | N/A | C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe | C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe"
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Program.Unwanted.4610.15239.exe
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 79.121.231.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firstbaptiststjoe.org | udp |
| US | 44.215.252.154:443 | firstbaptiststjoe.org | tcp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.252.215.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 104.241.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.110.54.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.134.221.88.in-addr.arpa | udp |
Files
memory/928-0-0x0000000000C40000-0x0000000000CBC000-memory.dmp
memory/928-1-0x0000000074630000-0x0000000074DE0000-memory.dmp
memory/928-2-0x0000000005700000-0x0000000005710000-memory.dmp
memory/928-3-0x0000000005570000-0x000000000557A000-memory.dmp
memory/928-4-0x0000000005FD0000-0x0000000006256000-memory.dmp
memory/928-5-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-6-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-8-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-10-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-12-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-14-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-16-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-18-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-20-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-22-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-24-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-26-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-28-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-30-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-32-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-34-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-36-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-38-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-40-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-42-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-44-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-46-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-48-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-50-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-52-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-54-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-56-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-58-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-60-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-62-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-64-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-66-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-68-0x0000000005FD0000-0x0000000006250000-memory.dmp
memory/928-200-0x0000000074630000-0x0000000074DE0000-memory.dmp
memory/928-637-0x0000000005700000-0x0000000005710000-memory.dmp
memory/928-4783-0x0000000000D80000-0x0000000000D81000-memory.dmp
memory/928-4784-0x00000000015C0000-0x000000000168E000-memory.dmp
memory/928-4785-0x0000000001270000-0x00000000012BC000-memory.dmp
memory/928-4786-0x0000000007480000-0x0000000007512000-memory.dmp
memory/928-4787-0x0000000007AD0000-0x0000000008074000-memory.dmp
memory/928-4788-0x0000000007620000-0x0000000007686000-memory.dmp
memory/2564-4793-0x0000000000400000-0x00000000004A8000-memory.dmp
memory/2564-4795-0x0000000004EB0000-0x0000000004F74000-memory.dmp
memory/2564-4796-0x0000000004EA0000-0x0000000004EB0000-memory.dmp
memory/928-4797-0x0000000074630000-0x0000000074DE0000-memory.dmp
memory/2564-4794-0x0000000074630000-0x0000000074DE0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Program.Unwanted.4610.15239.exe.log
| MD5 | 435e0068bcb9090064eedccd2e18bfca |
| SHA1 | 9329bc444452d8ac807b085e0428b159e8eed352 |
| SHA256 | 5721053800850afc4469bf2d079768d6d3444c6cb64394978830355ec1babdc6 |
| SHA512 | 6c26cac18fff415ce13c12cef4656596b32d41d918c34419e39de16b27fecd4c4c912301c2293bb9c101df41ebf08a996fa26c2460c5934c5de44f01f8aab9f6 |
memory/2564-5646-0x0000000002740000-0x0000000002741000-memory.dmp
memory/2564-5647-0x0000000004FE0000-0x0000000005036000-memory.dmp
memory/2564-5649-0x00000000052D0000-0x00000000052DA000-memory.dmp
memory/2564-5650-0x0000000074630000-0x0000000074DE0000-memory.dmp
memory/2564-5651-0x0000000004EA0000-0x0000000004EB0000-memory.dmp