File name: AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe

Full analysis: https://app.any.run/tasks/1cc0d6c7-11f2-47e1-9c26-fb3931dc3d00
Verdict: Malicious activity
Analysis date: February 23, 2024, 18:40:29
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

1F5DA031871BB1E785D4F48EB17CF012

SHA1:

780F5566C69B85B6D9EB8D09594D483E09376D49

SHA256:

067DC3E7EF97C2C1394FFFF229574E41C099853444252CC54433CF659F0B1F57

SSDEEP:

98304:o+cD4dnCJcgfn11aCXIyu0Y5jTfbKy2IT6q4a6cb1w+thDfMMmUejxSHEP4e18HK:zPoEXPn3ZKE90

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe (PID: 2964)
      • Mouse Drive Beta.exe (PID: 120)
      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
  • SUSPICIOUS

    • Process drops legitimate windows executable

      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
      • Mouse Drive Beta.exe (PID: 120)
    • Executable content was dropped or overwritten

      • Mouse Drive Beta.exe (PID: 120)
      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe (PID: 2964)
      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
    • The process drops C-runtime libraries

      • Mouse Drive Beta.exe (PID: 120)
      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
    • Reads the Windows owner or organization settings

      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
  • INFO

    • Checks supported languages

      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe (PID: 2964)
      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
      • Mouse Drive Beta.exe (PID: 120)
    • Reads the computer name

      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
      • Mouse Drive Beta.exe (PID: 120)
    • Reads the machine GUID from the registry

      • Mouse Drive Beta.exe (PID: 120)
    • Creates a software uninstall entry

      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
    • Creates files in the program directory

      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp (PID: 3944)
    • Creates files in a temporary directory

      • AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe (PID: 2964)
      • Mouse Drive Beta.exe (PID: 120)
    • Reads Environment values

      • Mouse Drive Beta.exe (PID: 120)
    • Creates files or folders in the user directory

      • Mouse Drive Beta.exe (PID: 120)
Find more information about signature artifacts and mapping to the MITRE ATT&CK™ MATRIX in the full report
No Malware configuration.

TRiD

.exe | Inno Setup installer (67.7)
.exe | Win32 EXE PECompact compressed (generic) (25.6)
.exe | Win32 Executable (generic) (2.7)
.exe | Win16/32 Executable Delphi generic (1.2)
.exe | Generic Win/DOS Executable (1.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2022:04:14 16:10:23+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 741888
InitializedDataSize: 100864
UninitializedDataSize: -
EntryPoint: 0xb5eec
OSVersion: 6.1
ImageVersion: 6
SubsystemVersion: 6.1
Subsystem: Windows GUI
FileVersionNumber: 0.0.0.0
ProductVersionNumber: 0.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: This installation was built with Inno Setup.
CompanyName: AJazz
FileDescription: AJAZZ Mouse Drive Setup
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: AJAZZ Mouse Drive
ProductVersion: 1.0.0.4
No data.
All screenshots are available in the full report
Total processes: 44
Monitored processes: 4
Malicious processes: 3
Suspicious processes: 0

Behavior graph

Processes shown in the graph (details in the full report):
  • ajazz mouse drive_v1.0.0.4_2023.12.04_setup.exe
  • ajazz mouse drive_v1.0.0.4_2023.12.04_setup.tmp
  • mouse drive beta.exe
  • ajazz mouse drive_v1.0.0.4_2023.12.04_setup.exe (no specs)

Process information

PID: 120
CMD: "C:\Program Files\AJAZZ Mouse Drive\Mouse Drive Beta.exe"
Path: C:\Program Files\AJAZZ Mouse Drive\Mouse Drive Beta.exe
Parent process: AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
User: admin
Integrity Level: HIGH
Exit code: 0
Version: 1.0.0.4
Modules (images):
  • c:\program files\ajazz mouse drive\mouse drive beta.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\mscoree.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\windows\system32\advapi32.dll
  • c:\windows\system32\msvcrt.dll
  • c:\windows\system32\sechost.dll
  • c:\windows\system32\rpcrt4.dll
  • c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll

PID: 2964
CMD: "C:\Users\admin\AppData\Local\Temp\AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe"
Path: C:\Users\admin\AppData\Local\Temp\AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe
Parent process: explorer.exe
User: admin
Company: AJazz
Integrity Level: HIGH
Description: AJAZZ Mouse Drive Setup
Exit code: 0
Version: -
Modules (images):
  • c:\users\admin\appdata\local\temp\ajazz mouse drive_v1.0.0.4_2023.12.04_setup.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
  • c:\windows\system32\msvcrt.dll
  • c:\windows\system32\gdi32.dll
  • c:\windows\system32\user32.dll
  • c:\windows\system32\lpk.dll
  • c:\windows\system32\usp10.dll

PID: 3944
CMD: "C:\Users\admin\AppData\Local\Temp\is-HFUPQ.tmp\AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp" /SL5="$F0170,5740300,843776,C:\Users\admin\AppData\Local\Temp\AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe"
Path: C:\Users\admin\AppData\Local\Temp\is-HFUPQ.tmp\AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Parent process: AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe
User: admin
Company: AJazz
Integrity Level: HIGH
Description: Setup/Uninstall
Exit code: 0
Version: 51.1052.0.0
Modules (images):
  • c:\users\admin\appdata\local\temp\is-hfupq.tmp\ajazz mouse drive_v1.0.0.4_2023.12.04_setup.tmp
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\windows\system32\mpr.dll
  • c:\windows\system32\comdlg32.dll
  • c:\windows\system32\msvcrt.dll
  • c:\windows\system32\shlwapi.dll
  • c:\windows\system32\gdi32.dll
  • c:\windows\system32\user32.dll

PID: 4052
CMD: "C:\Users\admin\AppData\Local\Temp\AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe"
Path: C:\Users\admin\AppData\Local\Temp\AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe
Parent process: explorer.exe
User: admin
Company: AJazz
Integrity Level: MEDIUM
Description: AJAZZ Mouse Drive Setup
Exit code: 3221226540 (0xC000042C, STATUS_ELEVATION_REQUIRED: the medium-integrity instance requested elevation; the installer then ran as PID 2964 at HIGH integrity)
Version: -
Modules (images):
  • c:\users\admin\appdata\local\temp\ajazz mouse drive_v1.0.0.4_2023.12.04_setup.exe
  • c:\windows\system32\ntdll.dll
Total events: 2 316
Read events: 2 273
Write events: 36
Delete events: 7

Modification events

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: Owner
Value:
680F0000CAF4F3CD8766DA01

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: SessionHash
Value:
2D58B6DE6BF9CEFCC8803580F1033B71366525A2D562F255B3382BEAF7DFC708

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: Sequence
Value:
1

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_CURRENT_USER\Software\Compx\AJazz\AJAZZ Mouse Drive
Operation: write
Name: LanguageIndex
Value:
00

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: RegFiles0000
Value:
C:\Program Files\AJAZZ Mouse Drive\Mouse Drive Beta.exe

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: RegFilesHash
Value:
AB7B3125768C706918B4B5AAFF999228DF2C1318F56488364EF969C4ADA5FDFD

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.myp\OpenWithProgids
Operation: write
Name: AJAZZMouseDriveFile.myp
Value: -

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\Mouse Drive Beta.exe\SupportedTypes
Operation: write
Name: .myp
Value: -

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_CURRENT_USER\Software\Compx\AJazz\AJAZZ Mouse Drive
Operation: delete key
Name: (default)
Value: -

Process: (3944) AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{296DC132-A8B9-4C03-8634-808613A798B7}_is1
Operation: write
Name: Inno Setup: Setup Version
Value:
6.2.1
Executable files: 17
Suspicious files: 3
Text files: 295
Unknown types: 0

Dropped files

PID | Process | Filename | Type
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\unins000.exe | executable
MD5:22D5F59D0ECC290B03E537883F84E10F
SHA256:EEFCF7CC6AB0D88498BCD40830FD038A5C175346918F4AA198DBB2002DFAA289
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\Description.xml | xml
MD5:ED081C6B26B41BAFABA6DBAA9C4797CE
SHA256:A715AAE16095986EE3CF428E45E33E5880577DD5DAA0E12C3BA138CFA9A42417
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\Mouse Drive Beta.exe | executable
MD5:60A00D7C2A2CEFCCB9ED51EEBB7D18CA
SHA256:43FBE0B4CCEB46D5A82A4CEF54E21877EC467ADBDCF80D899EE3CEE854CE28F5
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\is-QQSNV.tmp | ini
MD5:605AE26FFBC31B8195DE0742E1818C1D
SHA256:C37F619A5621CFF101D180D780D128244DE2A062E7807F871B3E88507152B7C1
2964 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.exe | C:\Users\admin\AppData\Local\Temp\is-HFUPQ.tmp\AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | executable
MD5:FE66D56930A8A82712608BFAE6E294E1
SHA256:5A9123CB852044976F1932C7BFDA4B6666FFC0D33BB2F5C2AF86A0C99BBE62C9
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\is-R5P3P.tmp | executable
MD5:60A00D7C2A2CEFCCB9ED51EEBB7D18CA
SHA256:43FBE0B4CCEB46D5A82A4CEF54E21877EC467ADBDCF80D899EE3CEE854CE28F5
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\is-F7425.tmp | executable
MD5:75E78E4BF561031D39F86143753400FF
SHA256:1758085A61527B427C4380F0C976D29A8BEE889F2AC480C356A3F166433BF70E
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\oleaut32.dll | executable
MD5:EAB5ADED2242FEAEE371ED5CAB6EA919
SHA256:BBE70836E44BA71555906D37011EC2AA3F86BD1314F5431406BBA8F305DFB570
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\is-RKSLE.tmp | executable
MD5:027BE4EC2E361F040BF186279C73D05F
SHA256:F5CAC23ABEF741A8F49296DA0FCB405FD7150149AB09C1243F4CD97C4F1D4C86
3944 | AJAZZ Mouse Drive_v1.0.0.4_2023.12.04_setup.tmp | C:\Program Files\AJAZZ Mouse Drive\vcruntime140_1.dll | executable
MD5:75E78E4BF561031D39F86143753400FF
SHA256:1758085A61527B427C4380F0C976D29A8BEE889F2AC480C356A3F166433BF70E
Download the PCAP, analyze network streams, HTTP content and a lot more in the full report
HTTP(S) requests: 0
TCP/UDP connections: 4
DNS requests: 0
Threats: 0

HTTP requests

No HTTP requests

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
4 | System | 192.168.100.255:137 | - | - | - | whitelisted
4 | System | 192.168.100.255:138 | - | - | - | whitelisted
1080 | svchost.exe | 224.0.0.252:5355 | - | - | - | unknown

DNS requests

No data

Threats

No threats detected
No debug info