File name:

vdvdvdvdvdvd.zip

Full analysis: https://app.any.run/tasks/92360bf2-8840-4dfe-ba36-6cdce8c3a57a
Verdict: Malicious activity
Analysis date: July 28, 2024, 19:57:28
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v2.0 to extract, compression method=deflate
MD5:

C0234F278FE2C931C1AF2CDFDC606A37

SHA1:

59C3964CB1B0D93314762803FFF05305201544F7

SHA256:

10CCC337FEAB8A229E1B76B756B213DE6E944DCEB53F7A39579079B08DD41314

SSDEEP:

98304:+1fGrh1/FWzvRscspM0wq5DqJ96MiahHHQ/CnObT0CGC/htOX0CnRQM9qIaGHs+O:brk9DTrk9Dl

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Drops the executable file immediately after the start

      • WinRAR.exe (PID: 5040)
      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • 1222.exe (PID: 6728)
      • 1222.exe (PID: 6440)
      • Watch Dogs 2 Trainer.exe (PID: 188)

  • SUSPICIOUS

    • Reads the BIOS version

      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • 1222.exe (PID: 6728)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • 1222.exe (PID: 6440)
      • Watch Dogs 2 Trainer.exe (PID: 188)

    • Reads security settings of Internet Explorer

      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • 1222.exe (PID: 6728)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • Watch Dogs 2 Trainer.exe (PID: 188)
      • 1222.exe (PID: 6440)

    • Executable content was dropped or overwritten

      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • 1222.exe (PID: 6728)
      • Watch Dogs 2 Trainer.exe (PID: 188)
      • 1222.exe (PID: 6440)

    • Reads the date of Windows installation

      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • 1222.exe (PID: 6728)
      • 1222.exe (PID: 6440)

    • Reads Microsoft Outlook installation path

      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • Watch Dogs 2 Trainer.exe (PID: 188)

    • Reads Internet Explorer settings

      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • Watch Dogs 2 Trainer.exe (PID: 188)

    • Starts CMD.EXE for commands execution

      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • Watch Dogs 2 Trainer.exe (PID: 7052)

  • INFO

    • Reads the computer name

      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • 1222.exe (PID: 6728)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • Watch Dogs 2 Trainer.exe (PID: 188)
      • 1222.exe (PID: 6440)

    • Manual execution by a user

      • 1333.exe (PID: 892)
      • 1333.exe (PID: 6588)
      • 1222.exe (PID: 7084)
      • 1222.exe (PID: 6728)
      • 1222.exe (PID: 2088)
      • 1222.exe (PID: 6440)

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 5040)

    • Creates files in the program directory

      • 1333.exe (PID: 6588)

    • Checks supported languages

      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • 1222.exe (PID: 6728)
      • 1222.exe (PID: 6440)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • Watch Dogs 2 Trainer.exe (PID: 188)

    • Reads the machine GUID from the registry

      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • 1222.exe (PID: 6728)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • Watch Dogs 2 Trainer.exe (PID: 188)
      • 1222.exe (PID: 6440)

    • Process checks computer location settings

      • 1333.exe (PID: 6588)
      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • 1222.exe (PID: 6728)
      • 1222.exe (PID: 6440)

    • Checks proxy server information

      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • Watch Dogs 2 Trainer.exe (PID: 188)
      • slui.exe (PID: 4388)

    • Process checks Internet Explorer phishing filters

      • Watch Dogs 2 Trainer.exe (PID: 4012)
      • Watch Dogs 2 Trainer.exe (PID: 7052)
      • Watch Dogs 2 Trainer.exe (PID: 188)

    • Reads the software policy settings

      • slui.exe (PID: 4388)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 20
ZipBitFlag: -
ZipCompression: Deflated
ZipModifyDate: 2018:03:11 01:01:32
ZipCRC: 0x5eef6b08
ZipCompressedSize: 4957373
ZipUncompressedSize: 5049344
ZipFileName: 1222.exe
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
182
Monitored processes
41
Malicious processes
6
Suspicious processes
0

Behavior graph

Click at the process to see the details
start winrar.exe slui.exe 1333.exe no specs 1333.exe watch dogs 2 trainer.exe cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs choice.exe no specs choice.exe no specs choice.exe no specs choice.exe no specs choice.exe no specs 1222.exe no specs 1222.exe watch dogs 2 trainer.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs choice.exe no specs cmd.exe no specs choice.exe no specs conhost.exe no specs choice.exe no specs choice.exe no specs choice.exe no specs 1222.exe no specs 1222.exe watch dogs 2 trainer.exe

Process information

PID
CMD
Path
Indicators
Parent process
132"C:\Windows\System32\cmd.exe" /C choice /C Y /N /D Y /T 3 & Del "C:\Users\admin\FutureXGame\Watch Dogs 2 Trainer.exe"C:\Windows\System32\cmd.exeWatch Dogs 2 Trainer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows Command Processor
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
188"C:\Users\admin\FutureXGame\Watch Dogs 2 Trainer.exe" C:\Users\admin\FutureXGame\Watch Dogs 2 Trainer.exe
1222.exe
User:
admin
Company:
Watch Dogs 2 (v1.017.189.2.1088394)
Integrity Level:
HIGH
Description:
Watch Dogs 2 Trainer
Version:
1.0.17.189
Modules
Images
c:\users\admin\futurexgame\watch dogs 2 trainer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
204choice /C Y /N /D Y /T 3 C:\Windows\System32\choice.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Offers the user a choice
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\choice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
256\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
892"C:\Users\admin\Desktop\1333.exe" C:\Users\admin\Desktop\1333.exeexplorer.exe
User:
admin
Company:
Watch Dogs 2 (v1.017.189.2.1088394)
Integrity Level:
MEDIUM
Description:
Watch Dogs 2 Trainer
Exit code:
3221226540
Version:
1.0.17.189
Modules
Images
c:\users\admin\desktop\1333.exe
c:\windows\system32\ntdll.dll
1028choice /C Y /N /D Y /T 3 C:\Windows\System32\choice.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Offers the user a choice
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\choice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
1080\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1140choice /C Y /N /D Y /T 3 C:\Windows\System32\choice.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Offers the user a choice
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\choice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
1188choice /C Y /N /D Y /T 3 C:\Windows\System32\choice.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Offers the user a choice
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\choice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
1244choice /C Y /N /D Y /T 3 C:\Windows\System32\choice.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Offers the user a choice
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\choice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
Total events
21 928
Read events
21 848
Write events
76
Delete events
4

Modification events

(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\Interface\Themes
Operation:writeName:ShellExtBMP
Value:
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\Interface\Themes
Operation:writeName:ShellExtIcon
Value:
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation:writeName:1
Value:
C:\Users\admin\Desktop\GoogleChromeEnterpriseBundle64.zip
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation:writeName:0
Value:
C:\Users\admin\Desktop\vdvdvdvdvdvd.zip
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:name
Value:
120
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:size
Value:
80
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:type
Value:
120
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:mtime
Value:
100
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\Interface\MainWin
Operation:writeName:Placement
Value:
2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3D0000002D000000FD03000016020000
(PID) Process:(5040) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\General
Operation:writeName:LastFolder
Value:
C:\Users\admin\Desktop
Executable files
9
Suspicious files
0
Text files
4
Unknown types
0

Dropped files

PID
Process
Filename
Type
65881333.exeC:\ProgramData\mntemptext
MD5:46FCEB5B54B41D3D38B01D332A8BB477
SHA256:E203771C47E0689C6D3A0C4EF25CAA965DDE14F3E37557BB6E8CCB0079BBADFF
65881333.exeC:\Users\admin\FutureXGame\settings.txttext
MD5:C2987509582197A4964BAD85454E457E
SHA256:8667BF893E8232747964EAA578793BFD1259579FFDBF8EC7796BF6A48662A52F
4012Watch Dogs 2 Trainer.exeC:\Users\admin\Desktop\1333.exeexecutable
MD5:4BFFC3D4F5AC31EF06A449CC5005FBD8
SHA256:8CDC52BA330D55CCEF4DCB84BB54B2EB03746F4C2BE30A74472866FEFA8C3756
67281222.exeC:\Users\admin\FutureXGame\Watch Dogs 2 Trainer.exeexecutable
MD5:592C3BF2281F64240AA0534AE11425BB
SHA256:294DF3396081C3D0089EE494341951C14686740B317A23C0B90AC309B89AEE67
5040WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa5040.47761\1333.exeexecutable
MD5:B1330B4D2711624A4AF7C38D03FFB8E8
SHA256:88E002AAA71DEBA04D600C761208291DF1C574737F71FC6CFC9650776698EE24
64401222.exeC:\Users\admin\FutureXGame\Watch Dogs 2 Trainer.exeexecutable
MD5:592C3BF2281F64240AA0534AE11425BB
SHA256:294DF3396081C3D0089EE494341951C14686740B317A23C0B90AC309B89AEE67
65881333.exeC:\Users\admin\FutureXGame\Watch Dogs 2 Trainer.exeexecutable
MD5:592C3BF2281F64240AA0534AE11425BB
SHA256:294DF3396081C3D0089EE494341951C14686740B317A23C0B90AC309B89AEE67
4012Watch Dogs 2 Trainer.exeC:\Users\admin\Desktop\1333_.exeexecutable
MD5:B1330B4D2711624A4AF7C38D03FFB8E8
SHA256:88E002AAA71DEBA04D600C761208291DF1C574737F71FC6CFC9650776698EE24
188Watch Dogs 2 Trainer.exeC:\Users\admin\Desktop\1222_.exeexecutable
MD5:B1330B4D2711624A4AF7C38D03FFB8E8
SHA256:88E002AAA71DEBA04D600C761208291DF1C574737F71FC6CFC9650776698EE24
5040WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa5040.47761\1222.exeexecutable
MD5:B1330B4D2711624A4AF7C38D03FFB8E8
SHA256:88E002AAA71DEBA04D600C761208291DF1C574737F71FC6CFC9650776698EE24
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
51
DNS requests
27
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
4424
svchost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
5368
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
3676
backgroundTaskHost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D
unknown
whitelisted
4132
OfficeClickToRun.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEApDqVCbATUviZV57HIIulA%3D
unknown
whitelisted
5368
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEApDqVCbATUviZV57HIIulA%3D
unknown
whitelisted
2116
backgroundTaskHost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
131.253.33.254:443
a-ring-fallback.msedge.net
MICROSOFT-CORP-MSN-AS-BLOCK
US
unknown
3952
svchost.exe
239.255.255.250:1900
whitelisted
104.126.37.155:443
www.bing.com
Akamai International B.V.
DE
unknown
6220
svchost.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
5692
slui.exe
13.77.207.86:443
MICROSOFT-CORP-MSN-AS-BLOCK
US
unknown
6012
MoUsoCoreWorker.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
2736
slui.exe
13.77.207.86:443
MICROSOFT-CORP-MSN-AS-BLOCK
US
unknown
1108
RUXIMICS.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
4
System
192.168.100.255:137
whitelisted

DNS requests

Domain
IP
Reputation
t-ring-fdv2.msedge.net
  • 13.107.237.254
unknown
a-ring-fallback.msedge.net
  • 131.253.33.254
unknown
www.bing.com
  • 104.126.37.155
  • 104.126.37.146
  • 104.126.37.145
  • 104.126.37.153
  • 104.126.37.161
  • 104.126.37.147
  • 104.126.37.154
  • 104.126.37.185
  • 104.126.37.177
  • 104.126.37.129
  • 104.126.37.130
  • 104.126.37.144
  • 104.126.37.123
  • 104.126.37.176
  • 104.126.37.179
  • 104.126.37.139
  • 104.126.37.186
whitelisted
settings-win.data.microsoft.com
  • 40.127.240.158
  • 51.104.136.2
whitelisted
google.com
  • 142.250.185.238
whitelisted
login.live.com
  • 40.126.32.134
  • 20.190.160.20
  • 40.126.32.140
  • 40.126.32.76
  • 40.126.32.138
  • 20.190.160.14
  • 20.190.160.22
  • 40.126.32.68
whitelisted
ocsp.digicert.com
  • 192.229.221.95
whitelisted
client.wns.windows.com
  • 40.115.3.253
  • 40.113.110.67
whitelisted
fp-afd-nocache-ccp.azureedge.net
  • 13.107.246.45
whitelisted
fd.api.iris.microsoft.com
  • 20.223.35.26
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
vdvdvdvdvdvd.zip