File name:

xd.bat

Full analysis: https://app.any.run/tasks/9557bee0-4e8c-4cc6-a78c-47cbac6cba5d
Verdict: Malicious activity
Analysis date: January 27, 2024, 20:14:17
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:
evasion
Indicators:
MIME: text/x-msdos-batch
File info: DOS batch file, ASCII text, with CRLF line terminators
MD5:

A2F511FA26C110DE0AB86076CDC06015

SHA1:

F079DEC34951FA4F5A3FA7D4065398A3322A9F5D

SHA256:

19302FAD31C960C5D2A9BB8519C21289439AE97C79DF7C354FE34B6F6AAD00C3

SSDEEP:

24:wqlF7BOuM2baDZDD3rzT6Dm1/ZDJKQ5HBGSAGsTbagT7qSI:L7BbMFtDD7z+u/ZUQ5HBxApnagT7qSI

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Reads the Internet Settings

      • WMIC.exe (PID: 2808)
      • WMIC.exe (PID: 1556)
      • WMIC.exe (PID: 2712)
      • WMIC.exe (PID: 1768)
      • WMIC.exe (PID: 2724)
      • WMIC.exe (PID: 2060)
      • WMIC.exe (PID: 2792)

    • Uses WMIC.EXE to obtain computer system information

      • cmd.exe (PID: 3456)

    • Uses WMIC.EXE to obtain CPU information

      • cmd.exe (PID: 3456)

    • Uses WMIC.EXE to obtain operating system information

      • cmd.exe (PID: 3456)

    • Accesses computer name via WMI (SCRIPT)

      • WMIC.exe (PID: 1556)
      • WMIC.exe (PID: 2060)

    • Uses WMIC.EXE to obtain local storage devices information

      • cmd.exe (PID: 3456)

    • Uses WMIC.EXE to obtain a list of video controllers

      • cmd.exe (PID: 3456)

    • Accesses video controller name via WMI (SCRIPT)

      • WMIC.exe (PID: 2060)

    • Uses WMIC.EXE

      • cmd.exe (PID: 3456)

  • INFO

    • Manual execution by a user

      • notepad.exe (PID: 3028)
      • explorer.exe (PID: 696)
      • msedge.exe (PID: 2940)

    • Application launched itself

      • msedge.exe (PID: 2940)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
106
Monitored processes
68
Malicious processes
1
Suspicious processes
0

Behavior graph

Click at the process to see the details
start cmd.exe no specs wmic.exe no specs wmic.exe no specs wmic.exe no specs wmic.exe no specs wmic.exe no specs wmic.exe no specs wmic.exe no specs explorer.exe no specs notepad.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
316"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3996 --field-trial-handle=1292,i,6603771579029074267,7334570885567498963,131072 /prefetch:1C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
572"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6456 --field-trial-handle=1292,i,6603771579029074267,7334570885567498963,131072 /prefetch:1C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
696"C:\Windows\explorer.exe" C:\Windows\explorer.exeexplorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Explorer
Exit code:
1
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\explorer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
1236"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5328 --field-trial-handle=1292,i,6603771579029074267,7334570885567498963,131072 /prefetch:1C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1316"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6400 --field-trial-handle=1292,i,6603771579029074267,7334570885567498963,131072 /prefetch:1C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1380"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4376 --field-trial-handle=1292,i,6603771579029074267,7334570885567498963,131072 /prefetch:1C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1492"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4148 --field-trial-handle=1292,i,6603771579029074267,7334570885567498963,131072 /prefetch:1C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
1556WMIC CPU Get C:\Windows\System32\wbem\WMIC.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
WMI Commandline Utility
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\wbem\wmic.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
1768WMIC ComputerSystem Get TotalPhysicalMemoryC:\Windows\System32\wbem\WMIC.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
WMI Commandline Utility
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\wbem\wmic.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
1836"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4068 --field-trial-handle=1292,i,6603771579029074267,7334570885567498963,131072 /prefetch:8C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
Total events
5 774
Read events
5 718
Write events
55
Delete events
1

Modification events

(PID) Process:(2940) msedge.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:writeName:failed_count
Value:
0
(PID) Process:(2940) msedge.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:writeName:state
Value:
1
(PID) Process:(2940) msedge.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Edge\ThirdParty
Operation:writeName:StatusCodes
Value:
01000000
(PID) Process:(2940) msedge.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:writeName:state
Value:
2
(PID) Process:(2940) msedge.exeKey:HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
Operation:writeName:dr
Value:
1
(PID) Process:(2940) msedge.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Edge\StabilityMetrics
Operation:writeName:user_experience_metrics.stability.exited_cleanly
Value:
1
(PID) Process:(2940) msedge.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EdgeUpdate\ClientStateMedium\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\LastWasDefault
Operation:writeName:S-1-5-21-1302019708-1500728564-335382590-1000
Value:
8A1A1F2B695E2F00
(PID) Process:(2940) msedge.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Edge
Operation:writeName:UsageStatsInSample
Value:
1
(PID) Process:(2940) msedge.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EdgeUpdate\ClientStateMedium\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
Operation:writeName:usagestats
Value:
1
(PID) Process:(2940) msedge.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EdgeUpdate\ClientStateMedium\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
Operation:writeName:urlstats
Value:
1
Executable files
27
Suspicious files
1 103
Text files
69
Unknown types
0

Dropped files

PID
Process
Filename
Type
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\commerce_subscription_db\LOG.old~RF155ccf.TMP
MD5:
SHA256:
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\commerce_subscription_db\LOG.old
MD5:
SHA256:
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOG.old~RF155cee.TMP
MD5:
SHA256:
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOG.old
MD5:
SHA256:
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\LOG.old~RF155d9a.TMP
MD5:
SHA256:
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\LOG.old
MD5:
SHA256:
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Variationsbinary
MD5:961E3604F228B0D10541EBF921500C86
SHA256:F7B24F2EB3D5EB0550527490395D2F61C3D2FE74BB9CB345197DAD81B58B5FED
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datbinary
MD5:C7352A0E98449CC8AEDC1D6954C4CCD9
SHA256:3A1591F52AD31B5B0B48F97AB5E1361D0AD0FA0F584E8FE8EFD482801DC2B9B5
3456cmd.exeC:\Users\admin\AppData\Local\Temp\uff.txttext
MD5:218B4ED571AA7E15BB358D2D5FA95828
SHA256:A6E2B099921AF33DED1C37DADF28C52E6E08A1D2603FBFE40CE40891E27523F6
2940msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.oldtext
MD5:BC5665331C6B5366D725CB1970BD7406
SHA256:5D33599D48DC5F3D65BA548DDBAE25868B979EABA17BC310F0D2C7543341F80D
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
9
TCP/UDP connections
271
DNS requests
335
Threats
8

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3436
msedge.exe
GET
200
34.117.118.44:80
http://ifconfig.me/static/styles/style.css
unknown
text
2.45 Kb
unknown
3436
msedge.exe
GET
200
34.117.118.44:80
http://ifconfig.me/
unknown
html
10.1 Kb
unknown
3436
msedge.exe
GET
301
157.240.0.6:80
http://connect.facebook.net/en_US/all.js
unknown
unknown
3436
msedge.exe
GET
200
93.184.220.66:80
http://platform.twitter.com/widgets.js
unknown
text
26.9 Kb
unknown
3436
msedge.exe
GET
301
142.250.74.206:80
http://developers.google.com/
unknown
unknown
3436
msedge.exe
GET
204
142.250.76.131:80
http://csi.gstatic.com/csi?v=3&s=gapi_global&action=global&it=blt.0,psi.3&srt=193&tbsrt=811&tran=15&e=abc_l0,abc_m0,abc_u0&rt=
unknown
unknown
3436
msedge.exe
GET
204
142.250.76.131:80
http://csi.gstatic.com/csi?v=3&s=gapi_module&action=plusone&it=mli.129,mei.15&tran=15&e=abc_l0,abc_m0,abc_pplusone,abc_u0&rt=
unknown
unknown
3436
msedge.exe
GET
204
142.250.76.131:80
http://csi.gstatic.com/csi?v=3&s=gapi_module&action=auth___plusone&it=mli.59,mei.5&tran=15&e=abc_l0,abc_m0,abc_pauth___plusone,abc_u0&rt=
unknown
unknown
3436
msedge.exe
GET
404
34.117.118.44:80
http://ifconfig.me/favicon.ico
unknown
text
9 b
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
4
System
192.168.100.255:138
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown
3436
msedge.exe
13.107.42.16:443
config.edge.skype.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
2940
msedge.exe
239.255.255.250:1900
whitelisted
3436
msedge.exe
204.79.197.203:443
ntp.msn.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
3436
msedge.exe
13.107.21.239:443
edge.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
unknown
3436
msedge.exe
23.15.178.194:443
assets.msn.com
Akamai International B.V.
DE
unknown
3436
msedge.exe
2.16.164.74:443
img-s-msn-com.akamaized.net
Akamai International B.V.
NL
unknown
3436
msedge.exe
99.84.9.33:443
sb.scorecardresearch.com
AMAZON-02
US
unknown

DNS requests

Domain
IP
Reputation
config.edge.skype.com
  • 13.107.42.16
whitelisted
ntp.msn.com
  • 204.79.197.203
whitelisted
edge.microsoft.com
  • 13.107.21.239
  • 204.79.197.239
whitelisted
assets.msn.com
  • 23.15.178.194
  • 23.15.178.217
whitelisted
img-s-msn-com.akamaized.net
  • 2.16.164.74
  • 2.16.164.32
whitelisted
sb.scorecardresearch.com
  • 99.84.9.33
  • 99.84.9.47
  • 99.84.9.108
  • 99.84.9.21
shared
th.bing.com
  • 2.16.100.136
  • 2.16.101.107
  • 2.16.100.131
  • 2.16.100.48
  • 92.123.104.19
  • 92.123.104.7
  • 92.123.104.22
  • 92.123.104.18
  • 92.123.104.26
  • 92.123.104.8
  • 92.123.104.28
  • 92.123.104.21
  • 92.123.104.9
whitelisted
www.bing.com
  • 92.123.104.19
  • 92.123.104.7
  • 92.123.104.22
  • 92.123.104.18
  • 92.123.104.26
  • 92.123.104.8
  • 92.123.104.28
  • 92.123.104.21
  • 92.123.104.9
  • 2.23.209.149
  • 2.23.209.182
  • 2.23.209.130
  • 2.23.209.187
  • 2.23.209.133
whitelisted
c.msn.com
  • 68.219.88.97
whitelisted
c.bing.com
  • 204.79.197.200
  • 13.107.21.200
whitelisted

Threats

PID
Process
Class
Message
3436
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] A free CDN for open source projects (jsdelivr .net)
3436
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] A free CDN for open source projects (jsdelivr .net)
3436
msedge.exe
Device Retrieving External IP Address Detected
POLICY [ANY.RUN] External IP Lookup Domain (ifconfig .me in DNS lookup)
3436
msedge.exe
Device Retrieving External IP Address Detected
POLICY [ANY.RUN] External IP Lookup Domain (ifconfig .me in DNS lookup)
3436
msedge.exe
Device Retrieving External IP Address Detected
POLICY [ANY.RUN] External IP Lookup Domain (ifconfig .me in DNS lookup)
3436
msedge.exe
Device Retrieving External IP Address Detected
ET POLICY External IP Lookup Domain (ifconfig .me)
3436
msedge.exe
Device Retrieving External IP Address Detected
ET POLICY External IP Lookup Domain (ifconfig .me)
3436
msedge.exe
Device Retrieving External IP Address Detected
ET POLICY External IP Lookup Domain (ifconfig .me)
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
xd.bat