File details
File name: safeips.exe
Name: SafeIPS.exe
Version: 2.2.2.9
Size: 3.62 MB
Resource utilization
 | CPU utilization averages |
Total CPU: 0.0022259415%
Privileged CPU:
0.0015236945%

User CPU:
0.00070224695954%

Privileged CPU time: 140588.1 ms
Privileged CPU time /min: 150 ms
CPU cycle count:
1,049,594,772
CPU cycle count /min: 1,015,604,358
 | Memory utilization averages |
Committed memory:
105.68 MB
Peak committed memory: 110.79 MB
Paged memory:
5.25 MB
Peak paged memory: 5.32 MB
Paged system memory:
79.26 KB
Non-paged system memory: 23.86 KB
Working set memory:
4.05 MB
Peak working set memory: 8.64 MB
Min working set memory: 3.59 MB
Private memory:
5.25 MB
Page faults:
3,786,585
Page faults /min: 4,029
 | Process I/O averages |
Total read operations:
44,195
Read operations /min: 47
Total read transfer: 913.35 KB
Read transfer /min: 995 Bytes
Total write operations:
28
Write operations /min: 1
Total write transfer: 1.87 KB
Write transfer /min: 2 Bytes
Total other operations:
4,923
Other operations /min: 5
Total other transfer: 383.43 KB
Other Transfer /min: 418 Bytes
Resources
Handle count average: 677
Thread count average: 153
Thread resource averages
sechost.dll

Total CPU: 0.149723715505%
Privileged CPU: 0.076155367174%
User CPU: 0.073568348331%
CPU Cycle count /sec: 16,384,537
Module memory size: 100 KB
ntdll.dll

Total CPU: 0.064544439623%
Privileged CPU: 0.037813791278%
User CPU: 0.026730648346%
CPU Cycle count /sec: 597,722
Module memory size: 1.23 MB
Total CPU: 0.015981527027%
Privileged CPU: 0.011950390970%
User CPU: 0.004031136058%
CPU Cycle count /sec: 734,194
Module memory size: 3.65 MB
Process details
Runs as (owner): System
Integrety level: System
Windows platform: 32-bit
Runs as a service: Yes
Parent Process
Process Command
"C:\Program Files\SafeIP\SafeIPs.exe"
Service details
Name: SafeIPS
Service type:
Win32OwnProcess
Description: “SafeIP proxy service component”
Network connectivity
TCP: 164-177-152-40.static.cloud-ips.co.uk on port 49171
Image hashes
MD5: 4041c61869d9f4ad570c298af54ff6c8
SHA-1: 8f4479b8eac8af29ba2ced2a9afeda8d91de9ab8
SHA-256: ca8f417fcf107302c24ae99e131ff7dce5a9005590af4dc707eba5eb25132512
PE image details
Subsystem: Windows GUI
File packed: No
Import Table
advapi32.dll

ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
SetNamedSecurityInfoA
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorA
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegisterEventSourceA
StartServiceA
LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerW
QueryServiceStatusEx
DeleteService
ChangeServiceConfigW
CreateServiceW
ChangeServiceConfig2A
ChangeServiceConfigA
QueryServiceConfigW
OpenServiceA
ControlService
RegEnumKeyExA
RegQueryInfoKeyA
OpenThreadToken
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSid
GetLengthSid
CopySid
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
SetServiceStatus
RegisterEventSourceW
ReportEventA
DeregisterEventSource
OpenSCManagerA
OpenServiceW
CloseServiceHandle
GetSecurityDescriptorLength
OpenProcessToken
GetTokenInformation
RegEnumKeyA
ConvertStringSidToSidA
LookupAccountSidW
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
AllocateAndInitializeSid
SetEntriesInAclA
RegSetValueExA
crypt32.dll

CertOpenSystemStoreA
CertCloseStore
CertOpenStore
CertNameToStrA
CertFreeCertificateContext
CertFreeCertificateChain
CertGetCertificateChain
CertCreateCertificateContext
CertEnumCRLsInStore
CertEnumCertificatesInStore
gdi32.dll

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA
kernel32.dll
ole32.dll

CoUninitialize
CoInitialize
CoInitializeSecurity
CoInitializeEx
StringFromGUID2
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoTaskMemRealloc
ProgIDFromCLSID
CoTaskMemAlloc
CoTaskMemFree
psapi.dll

GetProcessImageFileNameW
GetModuleFileNameExW
secur32.dll

user32.dll

MessageBoxA
GetDesktopWindow
GetUserObjectInformationW
LoadStringA
CharNextA
CharNextW
PostThreadMessageA
DispatchMessageA
PeekMessageA
SetThreadDesktop
MsgWaitForMultipleObjectsEx
DestroyWindow
CreateWindowExA
UnregisterClassA
DefWindowProcA
RegisterClassA
KillTimer
PostMessageA
GetMessageA
TranslateMessage
SetTimer
GetProcessWindowStation
CreateDesktopA
SetProcessWindowStation
version.dll

GetFileVersionInfoW
GetFileVersionInfoSizeW
ws2_32.dll

WSAIoctl
getaddrinfo
WSASocketA
WSAEventSelect
freeaddrinfo
WSCGetProviderPath
WSCEnumProtocols