File name: DriverEasy_Setup.exe
Full analysis: https://app.any.run/tasks/06c56fa8-0bea-4c45-96ef-5c436da9cf47
Verdict: Malicious activity
Analysis date: February 17, 2024, 20:49:03
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: 35C95CB6AC767B0403AD7FECF2E0C294
SHA1: 86D6FE5815065156FFA4549B7B0CEA84035E08B5
SHA256: 1686DF60C1702329B4135812668620AD396B421C30FE4C4C04038520D7940649
SSDEEP: 98304:9+QQmnokhe2U+euNSNViayvt7eSSMyDVXk0+Ej2FayGeZRatFwcNFG8SX8NjZ4hd:zP8Zxu

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • DriverEasy_Setup.exe (PID: 3672)
      • DriverEasy_Setup.exe (PID: 2840)
      • DriverEasy_Setup.tmp (PID: 3944)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • DriverEasy_Setup.exe (PID: 3672)
      • DriverEasy_Setup.exe (PID: 2840)
      • DriverEasy_Setup.tmp (PID: 3944)
    • Reads the Windows owner or organization settings

      • DriverEasy_Setup.tmp (PID: 3944)
    • Drops 7-zip archiver for unpacking

      • DriverEasy_Setup.tmp (PID: 3944)
    • Reads the Internet Settings

      • DriverEasy_Setup.tmp (PID: 3944)
      • DriverEasy.exe (PID: 4044)
    • Uses NETSH.EXE to add a firewall rule or allowed programs

      • DriverEasy_Setup.tmp (PID: 3944)
    • Reads security settings of Internet Explorer

      • DriverEasy_Setup.tmp (PID: 3944)
    • Reads settings of System Certificates

      • DriverEasy.exe (PID: 4044)
    • Adds/modifies Windows certificates

      • DriverEasy.exe (PID: 4044)
  • INFO

    • Checks supported languages

      • DriverEasy_Setup.exe (PID: 3672)
      • DriverEasy_Setup.tmp (PID: 4052)
      • DriverEasy_Setup.exe (PID: 2840)
      • DriverEasy_Setup.tmp (PID: 3944)
      • Easeware.CheckScheduledScan.exe (PID: 3428)
      • Easeware.ConfigLanguageFromSetup.exe (PID: 2232)
      • DriverEasy.exe (PID: 4044)
    • Create files in a temporary directory

      • DriverEasy_Setup.exe (PID: 3672)
      • DriverEasy_Setup.exe (PID: 2840)
      • DriverEasy_Setup.tmp (PID: 3944)
      • DriverEasy.exe (PID: 4044)
    • Reads the computer name

      • DriverEasy_Setup.tmp (PID: 4052)
      • DriverEasy_Setup.tmp (PID: 3944)
      • Easeware.CheckScheduledScan.exe (PID: 3428)
      • Easeware.ConfigLanguageFromSetup.exe (PID: 2232)
      • DriverEasy.exe (PID: 4044)
    • Creates files in the program directory

      • DriverEasy_Setup.tmp (PID: 3944)
    • Creates a software uninstall entry

      • DriverEasy_Setup.tmp (PID: 3944)
    • Reads the machine GUID from the registry

      • Easeware.CheckScheduledScan.exe (PID: 3428)
      • DriverEasy.exe (PID: 4044)
    • Creates files or folders in the user directory

      • Easeware.ConfigLanguageFromSetup.exe (PID: 2232)
    • Application launched itself

      • msedge.exe (PID: 2896)
      • msedge.exe (PID: 3568)
      • msedge.exe (PID: 1340)
    • Manual execution by a user

      • msedge.exe (PID: 1340)
    • Reads Environment values

      • DriverEasy.exe (PID: 4044)
    • Reads the software policy settings

      • DriverEasy.exe (PID: 4044)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Inno Setup installer (67.7)
.exe | Win32 EXE PECompact compressed (generic) (25.6)
.exe | Win32 Executable (generic) (2.7)
.exe | Win16/32 Executable Delphi generic (1.2)
.exe | Generic Win/DOS Executable (1.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2020:03:14 17:59:41+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 741376
InitializedDataSize: 314368
UninitializedDataSize: -
EntryPoint: 0xb5eec
OSVersion: 6
ImageVersion: 6
SubsystemVersion: 6
Subsystem: Windows GUI
FileVersionNumber: 5.7.0.39448
ProductVersionNumber: 5.7.0.39448
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: This installation was built with Inno Setup.
CompanyName: Easeware
FileDescription: Driver Easy Setup
FileVersion: 5.7.0.39448
LegalCopyright: Copyright © 2020 Easeware.
OriginalFileName: DriverEasy_Setup.exe
ProductName: Driver Easy
ProductVersion: 5.7.0
No data.
All screenshots are available in the full report
Total processes: 74
Monitored processes: 32
Malicious processes: 5
Suspicious processes: 0

Behavior graph

start drivereasy_setup.exe drivereasy_setup.tmp no specs drivereasy_setup.exe drivereasy_setup.tmp easeware.checkscheduledscan.exe no specs easeware.configlanguagefromsetup.exe no specs drivereasy.exe msedge.exe no specs netsh.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
PID: 924
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2340 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:1
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 980
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=109.0.5414.149 "--annotation=exe=C:\Program Files\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win32 "--annotation=prod=Microsoft Edge" --annotation=ver=109.0.1518.115 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xd8,0x6752f598,0x6752f5a8,0x6752f5b4
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1072
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3860 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:8
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1340
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --do-not-de-elevate https://www.drivereasy.com/redirect/manager.php?info=postinstall&lang=en&ver=&installer_id=
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: explorer.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1504
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1424 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:2
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1792
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1536 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:3
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1840
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --first-renderer-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2284 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:1
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1932
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3828 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:8
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 2060
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1304 --field-trial-handle=1272,i,16191447120064134319,2644692447413717192,131072 /prefetch:2
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 2232
CMD: "C:\Program Files\Easeware\DriverEasy\Easeware.ConfigLanguageFromSetup.exe" DriverEasy en True
Path: C:\Program Files\Easeware\DriverEasy\Easeware.ConfigLanguageFromSetup.exe
Parent process: DriverEasy_Setup.tmp
User: admin
Company: Easeware
Integrity Level: HIGH
Description: Easeware.ConfigLanguageFromSetup
Exit code: 0
Version: 1.0.4.0
Modules
Images
c:\program files\easeware\drivereasy\easeware.configlanguagefromsetup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
Total events: 23 712
Read events: 23 500
Write events: 192
Delete events: 20

Modification events

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: Owner
Value: 680F000002875AC4E261DA01

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: SessionHash
Value: BDEC629B297A82B80DD468C49B9CCA57432FA6557815FEA3AD2E5A4111DB7F4C

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: Sequence
Value: 1

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: RegFiles0000
Value: C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: RegFilesHash
Value: 2043C725EB21E820C2DCE044784C566E9D24188A61907580A6D079EB432AF866

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\drivereasy
Operation: write
Name: URL Protocol
Value: C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1
Operation: write
Name: Inno Setup: Setup Version
Value: 6.0.4 (u)

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1
Operation: write
Name: Inno Setup: App Path
Value: C:\Program Files\Easeware\DriverEasy

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1
Operation: write
Name: InstallLocation
Value: C:\Program Files\Easeware\DriverEasy\

Process: DriverEasy_Setup.tmp (PID: 3944)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1
Operation: write
Name: Inno Setup: Icon Group
Value: Driver Easy

Executable files: 31
Suspicious files: 30
Text files: 92
Unknown types: 78

Dropped files

PID: 2840
Process: DriverEasy_Setup.exe
Filename: C:\Users\admin\AppData\Local\Temp\is-67A3B.tmp\DriverEasy_Setup.tmp
Type: executable
MD5: BF7BDC7DC3C5FD170DD8A4BE0792BCA8
SHA256: 4EE175F572B19121C541C52D2919CF3716DF6C9875C2A4F8A5979283CA6383B2

PID: 3944
Process: DriverEasy_Setup.tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\icon_custom.png
Type: image
MD5: 39AB68A67302E28F0AE08EC418890D2E
SHA256: A22AA447E1F620098E969D56688E79CC4B3B729AFE83A13468E86CD2927545DF

PID: 3672
Process: DriverEasy_Setup.exe
Filename: C:\Users\admin\AppData\Local\Temp\is-MTMUV.tmp\DriverEasy_Setup.tmp
Type: executable
MD5: BF7BDC7DC3C5FD170DD8A4BE0792BCA8
SHA256: 4EE175F572B19121C541C52D2919CF3716DF6C9875C2A4F8A5979283CA6383B2

PID: 3944
Process: DriverEasy_Setup.tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\botva2.dll
Type: executable
MD5: 67965A5957A61867D661F05AE1F4773E
SHA256: 450B9B0BA25BF068AFBC2B23D252585A19E282939BF38326384EA9112DFD0105

PID: 3944
Process: DriverEasy_Setup.tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\innocallback.dll
Type: executable
MD5: 1C55AE5EF9980E3B1028447DA6105C75
SHA256: 6AFA2D104BE6EFE3D9A2AB96DBB75DB31565DAD64DD0B791E402ECC25529809F

PID: 3944
Process: DriverEasy_Setup.tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\background_welcome.png
Type: image
MD5: F048154D9062A3C2F147B6380CE6F3AC
SHA256: 1D537619EA6508A383387D88E523522436E86DC72B929680E1552B10E44CF0F6

PID: 3944
Process: DriverEasy_Setup.tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\isxdl.dll
Type: executable
MD5: 48AD1A1C893CE7BF456277A0A085ED01
SHA256: B0CC4697B2FD1B4163FDDCA2050FC62A9E7D221864F1BD11E739144C90B685B3

PID: 3944
Process: DriverEasy_Setup.tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\progressbar_foreground.png
Type: image
MD5: 1432DB7BB8B975C28F110A373D9EFE94
SHA256: ADD59E97C665F0B2E91ED46A9E229320CA3B99F64FC09A54FD5456A8D906F82A

PID: 3944
Process: DriverEasy_Setup.tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\checkbox_license.png
Type: image
MD5: B66AFF516F0D0B51AC1330AD38F0DA68
SHA256: E76216C1183152853638F804170EFEBE8D061D11C30EA9BF9E6ED1A9FCC6AFED

PID: 3944
Process: DriverEasy_Setup.tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\background_installing.png
Type: image
MD5: DD797AAD2893785472AAA18EC9D131E0
SHA256: 33DFE9609B7AA20BC064A4F4429CCEFBA07BA951ADC5CE2A8F994945E6A17B57

HTTP(S) requests: 1
TCP/UDP connections: 58
DNS requests: 60
Threats: 0

HTTP requests

PID: 4044
Process: DriverEasy.exe
Method: GET
HTTP Code: 200
IP: 93.184.221.240:80
URL: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?74a929b4e85e2178
CN: GB
Type: compressed
Size: 65.2 Kb
Reputation: unknown

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
4 | System | 192.168.100.255:137 | - | - | - | whitelisted
1080 | svchost.exe | 224.0.0.252:5355 | - | - | - | unknown
4 | System | 192.168.100.255:138 | - | - | - | whitelisted
4044 | DriverEasy.exe | 142.250.185.78:443 | www.google-analytics.com | GOOGLE | US | whitelisted
1340 | msedge.exe | 239.255.255.250:1900 | - | - | - | unknown
1792 | msedge.exe | 13.107.42.16:443 | config.edge.skype.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted
1792 | msedge.exe | 13.107.21.239:443 | edge.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | unknown
1792 | msedge.exe | 51.38.74.198:443 | www.drivereasy.com | OVH SAS | FR | unknown
1792 | msedge.exe | 142.250.186.40:443 | www.googletagmanager.com | - | - | unknown
1792 | msedge.exe | 142.250.185.161:443 | yt3.ggpht.com | GOOGLE | US | whitelisted

DNS requests

Domain
IP
Reputation
www.google-analytics.com
  • 142.250.185.78
whitelisted
config.edge.skype.com
  • 13.107.42.16
whitelisted
www.drivereasy.com
  • 51.38.74.198
unknown
edge.microsoft.com
  • 13.107.21.239
  • 204.79.197.239
whitelisted
www.googletagmanager.com
  • 142.250.186.40
whitelisted
yt3.ggpht.com
  • 142.250.185.161
whitelisted
i.ytimg.com
  • 216.58.206.54
  • 142.250.74.214
  • 142.250.186.54
  • 142.250.185.118
  • 142.250.185.86
  • 172.217.18.22
  • 172.217.16.214
  • 142.250.185.182
  • 142.250.185.150
  • 142.250.185.214
  • 142.250.186.86
  • 172.217.16.150
  • 142.250.186.118
  • 142.250.186.150
  • 172.217.18.118
  • 142.250.186.182
whitelisted
s.ytimg.com
  • 216.58.206.46
whitelisted
cdn.affiliatable.io
  • 169.150.247.39
unknown
images.drivereasy.com
  • 135.125.140.37
unknown

Threats

No threats detected
No debug info