File name: DriverEasy_Setup.exe

Full analysis: https://app.any.run/tasks/06c56fa8-0bea-4c45-96ef-5c436da9cf47
Verdict: Malicious activity
Analysis date: February 17, 2024, 20:49:03
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: 35C95CB6AC767B0403AD7FECF2E0C294
SHA1: 86D6FE5815065156FFA4549B7B0CEA84035E08B5
SHA256: 1686DF60C1702329B4135812668620AD396B421C30FE4C4C04038520D7940649
SSDEEP: 98304:9+QQmnokhe2U+euNSNViayvt7eSSMyDVXk0+Ej2FayGeZRatFwcNFG8SX8NjZ4hd:zP8Zxu

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • DriverEasy_Setup.exe (PID: 3672)
      • DriverEasy_Setup.exe (PID: 2840)
      • DriverEasy_Setup.tmp (PID: 3944)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • DriverEasy_Setup.exe (PID: 3672)
      • DriverEasy_Setup.exe (PID: 2840)
      • DriverEasy_Setup.tmp (PID: 3944)
    • Reads the Windows owner or organization settings

      • DriverEasy_Setup.tmp (PID: 3944)
    • Drops 7-zip archiver for unpacking

      • DriverEasy_Setup.tmp (PID: 3944)
    • Reads settings of System Certificates

      • DriverEasy.exe (PID: 4044)
    • Adds/modifies Windows certificates

      • DriverEasy.exe (PID: 4044)
    • Reads the Internet Settings

      • DriverEasy_Setup.tmp (PID: 3944)
      • DriverEasy.exe (PID: 4044)
    • Uses NETSH.EXE to add a firewall rule or allowed programs

      • DriverEasy_Setup.tmp (PID: 3944)
    • Reads security settings of Internet Explorer

      • DriverEasy_Setup.tmp (PID: 3944)
  • INFO

    • Checks supported languages

      • DriverEasy_Setup.exe (PID: 2840)
      • DriverEasy_Setup.exe (PID: 3672)
      • DriverEasy_Setup.tmp (PID: 4052)
      • DriverEasy_Setup.tmp (PID: 3944)
      • Easeware.ConfigLanguageFromSetup.exe (PID: 2232)
      • DriverEasy.exe (PID: 4044)
      • Easeware.CheckScheduledScan.exe (PID: 3428)
    • Reads the computer name

      • DriverEasy_Setup.tmp (PID: 4052)
      • DriverEasy_Setup.tmp (PID: 3944)
      • Easeware.CheckScheduledScan.exe (PID: 3428)
      • Easeware.ConfigLanguageFromSetup.exe (PID: 2232)
      • DriverEasy.exe (PID: 4044)
    • Create files in a temporary directory

      • DriverEasy_Setup.exe (PID: 3672)
      • DriverEasy_Setup.exe (PID: 2840)
      • DriverEasy_Setup.tmp (PID: 3944)
      • DriverEasy.exe (PID: 4044)
    • Reads the machine GUID from the registry

      • Easeware.CheckScheduledScan.exe (PID: 3428)
      • DriverEasy.exe (PID: 4044)
    • Creates files or folders in the user directory

      • Easeware.ConfigLanguageFromSetup.exe (PID: 2232)
    • Creates files in the program directory

      • DriverEasy_Setup.tmp (PID: 3944)
    • Creates a software uninstall entry

      • DriverEasy_Setup.tmp (PID: 3944)
    • Manual execution by a user

      • msedge.exe (PID: 1340)
    • Application launched itself

      • msedge.exe (PID: 1340)
      • msedge.exe (PID: 3568)
      • msedge.exe (PID: 2896)
    • Reads Environment values

      • DriverEasy.exe (PID: 4044)
    • Reads the software policy settings

      • DriverEasy.exe (PID: 4044)
No Malware configuration.

TRiD

.exe | Inno Setup installer (67.7)
.exe | Win32 EXE PECompact compressed (generic) (25.6)
.exe | Win32 Executable (generic) (2.7)
.exe | Win16/32 Executable Delphi generic (1.2)
.exe | Generic Win/DOS Executable (1.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2020:03:14 17:59:41+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 741376
InitializedDataSize: 314368
UninitializedDataSize: -
EntryPoint: 0xb5eec
OSVersion: 6
ImageVersion: 6
SubsystemVersion: 6
Subsystem: Windows GUI
FileVersionNumber: 5.7.0.39448
ProductVersionNumber: 5.7.0.39448
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: This installation was built with Inno Setup.
CompanyName: Easeware
FileDescription: Driver Easy Setup
FileVersion: 5.7.0.39448
LegalCopyright: Copyright © 2020 Easeware.
OriginalFileName: DriverEasy_Setup.exe
ProductName: Driver Easy
ProductVersion: 5.7.0
No data.
All screenshots are available in the full report
Total processes
74
Monitored processes
32
Malicious processes
5
Suspicious processes
0

Behavior graph

start drivereasy_setup.exe drivereasy_setup.tmp no specs drivereasy_setup.exe drivereasy_setup.tmp easeware.checkscheduledscan.exe no specs easeware.configlanguagefromsetup.exe no specs drivereasy.exe msedge.exe no specs netsh.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
924
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2340 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:1
C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
980
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=109.0.5414.149 "--annotation=exe=C:\Program Files\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win32 "--annotation=prod=Microsoft Edge" --annotation=ver=109.0.1518.115 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xd8,0x6752f598,0x6752f5a8,0x6752f5b4
C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1072
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3860 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:8
C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1340
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --do-not-de-elevate https://www.drivereasy.com/redirect/manager.php?info=postinstall&lang=en&ver=&installer_id=
C:\Program Files\Microsoft\Edge\Application\msedge.exe
explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1504
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1424 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:2
C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1792
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1536 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:3
C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1840
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --first-renderer-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2284 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:1
C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1932
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3828 --field-trial-handle=1240,i,8979620621538978872,9589784578355694801,131072 /prefetch:8
C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
2060
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1304 --field-trial-handle=1272,i,16191447120064134319,2644692447413717192,131072 /prefetch:2
C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
2232
"C:\Program Files\Easeware\DriverEasy\Easeware.ConfigLanguageFromSetup.exe" DriverEasy en True
C:\Program Files\Easeware\DriverEasy\Easeware.ConfigLanguageFromSetup.exe
DriverEasy_Setup.tmp
User:
admin
Company:
Easeware
Integrity Level:
HIGH
Description:
Easeware.ConfigLanguageFromSetup
Exit code:
0
Version:
1.0.4.0
Modules
Images
c:\program files\easeware\drivereasy\easeware.configlanguagefromsetup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
Total events
23 712
Read events
23 500
Write events
192
Delete events
20

Modification events

(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: Owner
Value:
680F000002875AC4E261DA01
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: SessionHash
Value:
BDEC629B297A82B80DD468C49B9CCA57432FA6557815FEA3AD2E5A4111DB7F4C
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: Sequence
Value:
1
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: RegFiles0000
Value:
C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Operation: write
Name: RegFilesHash
Value:
2043C725EB21E820C2DCE044784C566E9D24188A61907580A6D079EB432AF866
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\drivereasy
Operation: write
Name: URL Protocol
Value:
C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1
Operation: write
Name: Inno Setup: Setup Version
Value:
6.0.4 (u)
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1
Operation: write
Name: Inno Setup: App Path
Value:
C:\Program Files\Easeware\DriverEasy
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1
Operation: write
Name: InstallLocation
Value:
C:\Program Files\Easeware\DriverEasy\
(PID) Process: (3944) DriverEasy_Setup.tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1
Operation: write
Name: Inno Setup: Icon Group
Value:
Driver Easy
Executable files
31
Suspicious files
30
Text files
92
Unknown types
78

Dropped files

PID
Process
Filename
Type
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\background_welcome.png
image
MD5:F048154D9062A3C2F147B6380CE6F3AC
SHA256:1D537619EA6508A383387D88E523522436E86DC72B929680E1552B10E44CF0F6
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\botva2.dll
executable
MD5:67965A5957A61867D661F05AE1F4773E
SHA256:450B9B0BA25BF068AFBC2B23D252585A19E282939BF38326384EA9112DFD0105
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\background_welcome_more.png
image
MD5:A6D3E5688C82C04D29A0A9EE356E9A8B
SHA256:E940C5F6F7CAD5CE4EB7A66E15F5604D4F4DA5902B53A5259EB045775C93EE4C
2840
DriverEasy_Setup.exe
C:\Users\admin\AppData\Local\Temp\is-67A3B.tmp\DriverEasy_Setup.tmp
executable
MD5:BF7BDC7DC3C5FD170DD8A4BE0792BCA8
SHA256:4EE175F572B19121C541C52D2919CF3716DF6C9875C2A4F8A5979283CA6383B2
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\innocallback.dll
executable
MD5:1C55AE5EF9980E3B1028447DA6105C75
SHA256:6AFA2D104BE6EFE3D9A2AB96DBB75DB31565DAD64DD0B791E402ECC25529809F
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\icon_custom.png
image
MD5:39AB68A67302E28F0AE08EC418890D2E
SHA256:A22AA447E1F620098E969D56688E79CC4B3B729AFE83A13468E86CD2927545DF
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\button_setup_or_next.png
image
MD5:B9E4B8247138AFE12AE2157B20628DE9
SHA256:7877A7839C12C635271F4F03B980F80CB2CDD19B9C660E706EDAC85F2CA50022
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\icon_uncustom.png
image
MD5:5A7F3314FBD8A3DB765394798BC8A9CE
SHA256:2F67D842567176B42176784BB001EC63E3D84685FA35AEBE5C23DB20A969D427
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\progressbar_background.png
image
MD5:8590E035E72584CA56EBA6A9DFB23A33
SHA256:C5267FFEA02E06C538C8BE10B1B83513830D6390A069761D10A4B67D9E684F0B
3944
DriverEasy_Setup.tmp
C:\Users\admin\AppData\Local\Temp\is-8LAM5.tmp\progressbar_foreground.png
image
MD5:1432DB7BB8B975C28F110A373D9EFE94
SHA256:ADD59E97C665F0B2E91ED46A9E229320CA3B99F64FC09A54FD5456A8D906F82A
HTTP(S) requests
1
TCP/UDP connections
58
DNS requests
60
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
4044
DriverEasy.exe
GET
200
93.184.221.240:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?74a929b4e85e2178
unknown
compressed
65.2 Kb
unknown

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown
4
System
192.168.100.255:138
whitelisted
4044
DriverEasy.exe
142.250.185.78:443
www.google-analytics.com
GOOGLE
US
whitelisted
1340
msedge.exe
239.255.255.250:1900
unknown
1792
msedge.exe
13.107.42.16:443
config.edge.skype.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
1792
msedge.exe
13.107.21.239:443
edge.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
unknown
1792
msedge.exe
51.38.74.198:443
www.drivereasy.com
OVH SAS
FR
unknown
1792
msedge.exe
142.250.186.40:443
www.googletagmanager.com
unknown
1792
msedge.exe
142.250.185.161:443
yt3.ggpht.com
GOOGLE
US
whitelisted

DNS requests

Domain
IP
Reputation
www.google-analytics.com
  • 142.250.185.78
whitelisted
config.edge.skype.com
  • 13.107.42.16
whitelisted
www.drivereasy.com
  • 51.38.74.198
unknown
edge.microsoft.com
  • 13.107.21.239
  • 204.79.197.239
whitelisted
www.googletagmanager.com
  • 142.250.186.40
whitelisted
yt3.ggpht.com
  • 142.250.185.161
whitelisted
i.ytimg.com
  • 216.58.206.54
  • 142.250.74.214
  • 142.250.186.54
  • 142.250.185.118
  • 142.250.185.86
  • 172.217.18.22
  • 172.217.16.214
  • 142.250.185.182
  • 142.250.185.150
  • 142.250.185.214
  • 142.250.186.86
  • 172.217.16.150
  • 142.250.186.118
  • 142.250.186.150
  • 172.217.18.118
  • 142.250.186.182
whitelisted
s.ytimg.com
  • 216.58.206.46
whitelisted
cdn.affiliatable.io
  • 169.150.247.39
unknown
images.drivereasy.com
  • 135.125.140.37
unknown

Threats

No threats detected
No debug info