File name:

Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe

Full analysis: https://app.any.run/tasks/e547c8ae-d297-4fd2-8ab2-ed62b7ab0ca1
Verdict: Malicious activity
Analysis date: September 29, 2024, 13:28:19
OS: Windows 10 Professional (build: 19045, 64 bit)
Tags:
pyinstaller
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5:

6940A2574B9F6B57131A1FFFC99631C1

SHA1:

4D03F302532BAE46A39095648986C6201075C285

SHA256:

1393E44E7E78171E5D713D99972B5D80F816D6A1B32B3ABBCC3726D1F44F1E6F

SSDEEP:

196608:VTg/62egx3Uku5Q92CP9AoIDveNvYiVhq9vJUW+P:32DSyP9vIDveNvY0kUXP

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Process drops python dynamic module

      • MINA Overwatch 2 Server Selector.exe (PID: 3456)
      • MINA Overwatch 2 Server Selector.exe (PID: 6648)
      • MINA Overwatch 2 Server Selector.exe (PID: 2616)
      • MINA Overwatch 2 Server Selector.exe (PID: 1252)

    • Executable content was dropped or overwritten

      • Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe (PID: 752)
      • MINA Overwatch 2 Server Selector.exe (PID: 3456)
      • MINA Overwatch 2 Server Selector.exe (PID: 6648)
      • MINA Overwatch 2 Server Selector.exe (PID: 2616)
      • MINA Overwatch 2 Server Selector.exe (PID: 1252)

    • The process drops C-runtime libraries

      • MINA Overwatch 2 Server Selector.exe (PID: 3456)
      • MINA Overwatch 2 Server Selector.exe (PID: 6648)
      • MINA Overwatch 2 Server Selector.exe (PID: 2616)
      • MINA Overwatch 2 Server Selector.exe (PID: 1252)

    • Process drops legitimate windows executable

      • MINA Overwatch 2 Server Selector.exe (PID: 3456)
      • MINA Overwatch 2 Server Selector.exe (PID: 6648)
      • MINA Overwatch 2 Server Selector.exe (PID: 2616)
      • MINA Overwatch 2 Server Selector.exe (PID: 1252)

    • Application launched itself

      • MINA Overwatch 2 Server Selector.exe (PID: 3456)
      • MINA Overwatch 2 Server Selector.exe (PID: 2616)
      • MINA Overwatch 2 Server Selector.exe (PID: 6648)
      • MINA Overwatch 2 Server Selector.exe (PID: 1252)

  • INFO

    • Reads the computer name

      • Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe (PID: 752)

    • Checks supported languages

      • Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe (PID: 752)

    • Create files in a temporary directory

      • Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe (PID: 752)

    • Manual execution by a user

      • MINA Overwatch 2 Server Selector.exe (PID: 6648)
      • MINA Overwatch 2 Server Selector.exe (PID: 4176)
      • Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe (PID: 5880)
      • Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe (PID: 3848)
      • MINA Overwatch 2 Server Selector.exe (PID: 2080)
      • MINA Overwatch 2 Server Selector.exe (PID: 2616)
      • MINA Overwatch 2 Server Selector.exe (PID: 1252)

    • PyInstaller has been detected (YARA)

      • MINA Overwatch 2 Server Selector.exe (PID: 3456)
      • MINA Overwatch 2 Server Selector.exe (PID: 6648)
      • MINA Overwatch 2 Server Selector.exe (PID: 2616)
      • MINA Overwatch 2 Server Selector.exe (PID: 1252)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable MS Visual C++ (generic) (64.4)
.dll | Win32 Dynamic Link Library (generic) (13.5)
.exe | Win32 Executable (generic) (9.3)
.exe | Win16/32 Executable Delphi generic (4.2)
.exe | Generic Win/DOS Executable (4.1)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2023:07:18 17:13:29+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit, No debug
PEType: PE32
LinkerVersion: 2.5
CodeSize: 795648
InitializedDataSize: 198144
UninitializedDataSize: -
EntryPoint: 0x16276
OSVersion: 4
ImageVersion: -
SubsystemVersion: 5
Subsystem: Windows GUI
FileVersionNumber: 0.3.1.0
ProductVersionNumber: 0.3.1.0
FileFlagsMask: 0x0000
FileFlags: (none)
FileOS: Unknown (0)
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Unicode
ProductName: MINA Overwatch 2 Server Blocker Setup
InternalName: Setup MINA Overwatch 2 Server Selector v5.3.1
OriginalFileName: Setup MINA Overwatch 2 Server Selector v5.3.1.exe
ProductVersion: v5.3.1
FileVersion: v5.3.1
CompanyName: MINA Overwatch 2 Server Selector
Comments: Created with InstallForge 1.4.4
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
140
Monitored processes
14
Malicious processes
5
Suspicious processes
0

Behavior graph

Click at the process to see the details
start setup.mina.overwatch.2.server.selector.v5.3.1.exe THREAT mina overwatch 2 server selector.exe mina overwatch 2 server selector.exe no specs THREAT mina overwatch 2 server selector.exe setup.mina.overwatch.2.server.selector.v5.3.1.exe no specs setup.mina.overwatch.2.server.selector.v5.3.1.exe mina overwatch 2 server selector.exe no specs THREAT mina overwatch 2 server selector.exe mina overwatch 2 server selector.exe no specs THREAT mina overwatch 2 server selector.exe mina overwatch 2 server selector.exe no specs mina overwatch 2 server selector.exe no specs mina overwatch 2 server selector.exe no specs setup.mina.overwatch.2.server.selector.v5.3.1.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
752"C:\Users\admin\Desktop\Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe" C:\Users\admin\Desktop\Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe
explorer.exe
User:
admin
Company:
MINA Overwatch 2 Server Selector
Integrity Level:
HIGH
Exit code:
0
Version:
v5.3.1
Modules
Images
c:\users\admin\desktop\setup.mina.overwatch.2.server.selector.v5.3.1.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
1164"C:\Users\admin\Desktop\Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe" C:\Users\admin\Desktop\Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeexplorer.exe
User:
admin
Company:
MINA Overwatch 2 Server Selector
Integrity Level:
MEDIUM
Exit code:
3221226540
Version:
v5.3.1
Modules
Images
c:\users\admin\desktop\setup.mina.overwatch.2.server.selector.v5.3.1.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
1252"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe" C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe
explorer.exe
User:
admin
Integrity Level:
HIGH
Modules
Images
c:\users\admin\appdata\roaming\overwatchserverblocker\bin\mina overwatch 2 server selector.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
2080"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe" C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exeexplorer.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
3221226540
Modules
Images
c:\users\admin\appdata\roaming\overwatchserverblocker\bin\mina overwatch 2 server selector.exe
c:\windows\system32\ntdll.dll
2616"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe" C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe
explorer.exe
User:
admin
Integrity Level:
HIGH
Modules
Images
c:\users\admin\appdata\roaming\overwatchserverblocker\bin\mina overwatch 2 server selector.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
3032"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe" C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exeMINA Overwatch 2 Server Selector.exe
User:
admin
Integrity Level:
HIGH
Modules
Images
c:\users\admin\appdata\roaming\overwatchserverblocker\bin\mina overwatch 2 server selector.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
3456"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe
Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe
User:
admin
Integrity Level:
HIGH
Exit code:
0
Modules
Images
c:\users\admin\appdata\roaming\overwatchserverblocker\bin\mina overwatch 2 server selector.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
3848"C:\Users\admin\Desktop\Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe" C:\Users\admin\Desktop\Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe
explorer.exe
User:
admin
Company:
MINA Overwatch 2 Server Selector
Integrity Level:
HIGH
Exit code:
0
Version:
v5.3.1
Modules
Images
c:\users\admin\desktop\setup.mina.overwatch.2.server.selector.v5.3.1.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
4176"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe" C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exeexplorer.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
3221226540
Modules
Images
c:\users\admin\appdata\roaming\overwatchserverblocker\bin\mina overwatch 2 server selector.exe
c:\windows\system32\ntdll.dll
4576"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exe"C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\MINA Overwatch 2 Server Selector.exeMINA Overwatch 2 Server Selector.exe
User:
admin
Integrity Level:
HIGH
Exit code:
0
Modules
Images
c:\users\admin\appdata\roaming\overwatchserverblocker\bin\mina overwatch 2 server selector.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
Total events
2 371
Read events
2 356
Write events
15
Delete events
0

Modification events

(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\DirectSound\Speaker Configuration
Operation:writeName:Speaker Configuration
Value:
4
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:DisplayIcon
Value:
C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\LOGO_SMALL_APPLICATION.ico
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:UninstallString
Value:
C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\Uninstall.exe
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:InstallDate
Value:
20240929
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:InstallLocation
Value:
C:\Users\admin\AppData\Roaming\OverwatchServerBlocker\bin\
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:EstimatedSize
Value:
19539
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:NoModify
Value:
1
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:NoRepair
Value:
1
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:DisplayName
Value:
MINA Overwatch 2 Server Blocker
(PID) Process:(752) Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MINA Overwatch 2 Server Blocker
Operation:writeName:DisplayVersion
Value:
v5.3.1
Executable files
354
Suspicious files
59
Text files
3 912
Unknown types
10

Dropped files

PID
Process
Filename
Type
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\setupArchive.archive
MD5:
SHA256:
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\SC.dattext
MD5:1F4107FA05F5058029931D7373D7E70A
SHA256:7C2EBF176D82646A8BD29D861C2AF23A58855FD4C13FFAC87296F4BB103139F4
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\setupConfiguration.archivecompressed
MD5:1ED04F1E24D4FA4B1C0A2DF377FDB7DF
SHA256:180060A733573D2C244A23BBCCD7CE01637C1F945050F223114FB6A661CA5A3D
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\languages.dattext
MD5:9B19749D2B9A0BFCD91EC91E8294B94E
SHA256:250D7DFD1810D232F48AAB673AC62AA1A5B635F2E7DFC63F4BC136F2D223B526
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\Desktop.dattext
MD5:CD62A014565BD37768BB75EB18E9B21B
SHA256:6283CD2407D5DEEEBC3B42B7551798E0F668F8A8410E47F86A2D5CF297D9C6E1
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\OS.dattext
MD5:48D3C4D4CDC791B3C3E5B4432C3EA0BA
SHA256:38F778CBB7AA3D52F7FD5AB5CCF30B25962A6A5FECDFF6EFBB10501829459CA5
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\headerImage.datimage
MD5:1F8A555068BB43A7261974BE5CD9A756
SHA256:8C8988E06395FA7CF06BA0146EF971F3680E8A006E4286466C7B51F8AAC2FF03
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\English.ifltext
MD5:2922D0C758D9C3C10CBDC59F91979D0C
SHA256:20F6D12EAC29BD6DDC6A99DD276C5E200FAC25C976AB4293195B58EC164C253F
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\Serials.dattext
MD5:465E2403B5F46A0B87261BB19B0BCA64
SHA256:F71F7B2D23D21C68E7F5C10A1A9F6244BD675727F3DB108767FB934F0CA4C011
752Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exeC:\Users\admin\AppData\Local\Temp\IF{CCDE57C0-1C8F-4768-A810-53B56F51EB04}\wizardImage.datimage
MD5:8224F9E1E4EE098CE2DAEA4A387A1C8E
SHA256:9DF14CF88C77B301C9EB60AD43545F850CEDB3F2B890FA15A43099384532BBF1
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
3
TCP/UDP connections
26
DNS requests
7
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3916
svchost.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
2120
MoUsoCoreWorker.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
POST
200
13.69.116.109:443
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.0&x-apikey=33d70a864599496b982a39f036f71122-2064703e-3a9d-4d90-8362-eec08dffe8e8-7176
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
3916
svchost.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
2120
MoUsoCoreWorker.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
3888
svchost.exe
239.255.255.250:1900
whitelisted
4
System
192.168.100.255:138
whitelisted
3916
svchost.exe
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
2120
MoUsoCoreWorker.exe
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
2120
MoUsoCoreWorker.exe
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
3916
svchost.exe
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 4.231.128.59
  • 51.104.136.2
whitelisted
google.com
  • 142.250.185.174
whitelisted
www.microsoft.com
  • 184.30.21.171
whitelisted
browser.pipe.aria.microsoft.com
  • 20.189.173.16
whitelisted
www.google.com
  • 142.250.184.228
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN LLC. ALL RIGHTS RESERVED
ANY.RUN
Reports
Setup.MINA.Overwatch.2.Server.Selector.v5.3.1.exe