File name:

Release_2.2.2.zip

Full analysis: https://app.any.run/tasks/e42a1498-d865-4f2e-9008-89e6664f0e88
Verdict: Malicious activity
Analysis date: November 30, 2023, 20:52:24
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v2.0 to extract
MD5:

B89C9C3BE99C571219F5FD97A77EA67C

SHA1:

F357F0E6EFC775003090A2BB03BC9CE66DB3C3DA

SHA256:

1CB33B52544E5D2C8A2AC6C18FD59651AB68DB85456A22C801986023F490C763

SSDEEP:

98304:5PBVI/TdVWEDvWhRIyp+Nk1r8yo+jOuh4YM1dbP8DRI5kV+hmwRr4ME5lE3LrPbc:1/wmOHLC

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Drops the executable file immediately after the start

      • SBRW.Launcher.exe (PID: 2396)

  • SUSPICIOUS

    • Drops 7-zip archiver for unpacking

      • WinRAR.exe (PID: 2480)

    • Process drops legitimate windows executable

      • WinRAR.exe (PID: 2480)

    • Reads the Internet Settings

      • GameLauncher.exe (PID: 2400)
      • GameLauncher.exe (PID: 3568)
      • GameLauncher.exe (PID: 536)
      • SBRW.Launcher.exe (PID: 2396)

    • Reads settings of System Certificates

      • SBRW.Launcher.exe (PID: 2396)

    • Reads security settings of Internet Explorer

      • SBRW.Launcher.exe (PID: 2396)

    • Process requests binary or script from the Internet

      • SBRW.Launcher.exe (PID: 2396)

    • Checks Windows Trust Settings

      • SBRW.Launcher.exe (PID: 2396)

    • Adds/modifies Windows certificates

      • SBRW.Launcher.exe (PID: 2396)

    • Connects to unusual port

      • SBRW.Launcher.exe (PID: 2396)

  • INFO

    • Reads the machine GUID from the registry

      • wmpnscfg.exe (PID: 3004)
      • SBRW.Launcher.exe (PID: 1452)
      • SBRW.Launcher.exe (PID: 2608)
      • SBRW.Launcher.exe (PID: 2396)
      • wmpnscfg.exe (PID: 3684)
      • SBRW.Launcher.exe (PID: 2668)
      • SBRW.Launcher.exe (PID: 2400)

    • Reads the computer name

      • wmpnscfg.exe (PID: 3004)
      • GameLauncher.exe (PID: 2400)
      • SBRW.Launcher.exe (PID: 1452)
      • SBRW.Launcher.exe (PID: 2668)
      • SBRW.Launcher.exe (PID: 2608)
      • GameLauncher.exe (PID: 536)
      • SBRW.Launcher.exe (PID: 2396)
      • GameLauncher.exe (PID: 3568)
      • wmpnscfg.exe (PID: 3684)
      • SBRW.Launcher.exe (PID: 2400)

    • Checks supported languages

      • wmpnscfg.exe (PID: 3004)
      • GameLauncher.exe (PID: 2400)
      • SBRW.Launcher.exe (PID: 1452)
      • GameLauncher.exe (PID: 3568)
      • SBRW.Launcher.exe (PID: 2608)
      • SBRW.Launcher.exe (PID: 2396)
      • GameLauncher.exe (PID: 536)
      • SBRW.Launcher.exe (PID: 2400)
      • SBRW.Launcher.exe (PID: 2668)
      • wmpnscfg.exe (PID: 3684)

    • Drops the executable file immediately after the start

      • WinRAR.exe (PID: 2480)

    • Manual execution by a user

      • GameLauncher.exe (PID: 2400)
      • GameLauncher.exe (PID: 2504)
      • SBRW.Launcher.exe (PID: 2336)
      • GameLauncher.exe (PID: 2548)
      • GameLauncher.exe (PID: 3568)
      • GameLauncher.exe (PID: 608)
      • GameLauncher.exe (PID: 536)
      • SBRW.Launcher.exe (PID: 2400)
      • SBRW.Launcher.exe (PID: 3376)
      • SBRW.Launcher.exe (PID: 2668)
      • wmpnscfg.exe (PID: 3684)
      • msedge.exe (PID: 2728)

    • Reads Environment values

      • SBRW.Launcher.exe (PID: 1452)
      • SBRW.Launcher.exe (PID: 2668)
      • SBRW.Launcher.exe (PID: 2608)
      • SBRW.Launcher.exe (PID: 2396)
      • SBRW.Launcher.exe (PID: 2400)

    • Creates files or folders in the user directory

      • SBRW.Launcher.exe (PID: 2396)

    • Create files in a temporary directory

      • SBRW.Launcher.exe (PID: 2396)

    • Application launched itself

      • msedge.exe (PID: 2716)
      • msedge.exe (PID: 2728)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 20
ZipBitFlag: -
ZipCompression: Deflated
ZipModifyDate: 2022:11:10 16:34:32
ZipCRC: 0xdd1c4d8a
ZipCompressedSize: 32585
ZipUncompressedSize: 83968
ZipFileName: DiscordRPC.dll
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
96
Monitored processes
35
Malicious processes
2
Suspicious processes
0

Behavior graph

Click at the process to see the details
start winrar.exe no specs gamelauncher.exe no specs gamelauncher.exe sbrw.launcher.exe no specs sbrw.launcher.exe no specs sbrw.launcher.exe gamelauncher.exe no specs gamelauncher.exe sbrw.launcher.exe no specs gamelauncher.exe no specs gamelauncher.exe sbrw.launcher.exe sbrw.launcher.exe no specs sbrw.launcher.exe wmpnscfg.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs wmpnscfg.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
284"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3408 --field-trial-handle=1284,i,14233080159642625639,16274897426052140231,131072 /prefetch:8C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
536"C:\SBRW\GameLauncher.exe" C:\SBRW\GameLauncher.exe
explorer.exe
User:
admin
Company:
GameLauncher
Integrity Level:
HIGH
Description:
GameLauncher
Exit code:
0
Version:
2.2.2
Modules
Images
c:\sbrw\gamelauncher.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
536"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3508 --field-trial-handle=1284,i,14233080159642625639,16274897426052140231,131072 /prefetch:8C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
600"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3724 --field-trial-handle=1284,i,14233080159642625639,16274897426052140231,131072 /prefetch:8C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
608"C:\SBRW\GameLauncher.exe" C:\SBRW\GameLauncher.exeexplorer.exe
User:
admin
Company:
GameLauncher
Integrity Level:
MEDIUM
Description:
GameLauncher
Exit code:
3221226540
Version:
2.2.2
Modules
Images
c:\sbrw\gamelauncher.exe
c:\windows\system32\ntdll.dll
880"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1420 --field-trial-handle=1372,i,6597874564054038532,14016396742940536596,131072 /prefetch:3C:\Program Files\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
1452"C:\Users\admin\Desktop\SBRW.Launcher.exe" C:\Users\admin\Desktop\SBRW.Launcher.exeGameLauncher.exe
User:
admin
Company:
SBRW.Launcher
Integrity Level:
HIGH
Description:
SBRW.Launcher
Exit code:
0
Version:
2.2.2
Modules
Images
c:\users\admin\desktop\sbrw.launcher.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
1460"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1524 --field-trial-handle=1284,i,14233080159642625639,16274897426052140231,131072 /prefetch:3C:\Program Files\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
2336"C:\Users\admin\Desktop\SBRW.Launcher.exe" C:\Users\admin\Desktop\SBRW.Launcher.exeexplorer.exe
User:
admin
Company:
SBRW.Launcher
Integrity Level:
MEDIUM
Description:
SBRW.Launcher
Exit code:
3221226540
Version:
2.2.2
Modules
Images
c:\users\admin\desktop\sbrw.launcher.exe
c:\windows\system32\ntdll.dll
2396"C:\SBRW\SBRW.Launcher.exe" C:\SBRW\SBRW.Launcher.exe
GameLauncher.exe
User:
admin
Company:
SBRW.Launcher
Integrity Level:
HIGH
Description:
SBRW.Launcher
Exit code:
0
Version:
2.2.2
Modules
Images
c:\sbrw\sbrw.launcher.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\aclayers.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
Total events
20 263
Read events
20 132
Write events
123
Delete events
8

Modification events

(PID) Process:(3004) wmpnscfg.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\{A9FA33A4-3D0A-4750-A15A-57744ED603C2}\{83694C30-3979-43D6-8274-2F4B74E5F4EC}
Operation:delete keyName:(default)
Value:
(PID) Process:(3004) wmpnscfg.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\{A9FA33A4-3D0A-4750-A15A-57744ED603C2}
Operation:delete keyName:(default)
Value:
(PID) Process:(3004) wmpnscfg.exeKey:HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Health\{8C43D022-BDAB-4820-936F-70E6EB88613C}
Operation:delete keyName:(default)
Value:
(PID) Process:(2480) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\17F\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(2480) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:2
Value:
C:\Users\admin\Desktop\virtio_ivshmem_master_build.zip
(PID) Process:(2480) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:1
Value:
C:\Users\admin\Desktop\Win7-KB3191566-x86.zip
(PID) Process:(2480) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:0
Value:
C:\Users\admin\Desktop\phacker.zip
(PID) Process:(2480) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:name
Value:
120
(PID) Process:(2480) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:size
Value:
80
(PID) Process:(2480) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:type
Value:
120
Executable files
26
Suspicious files
60
Text files
40
Unknown types
0

Dropped files

PID
Process
Filename
Type
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\DiscordRPC.dllexecutable
MD5:6FB17D5AC180F59AAD3067097ABA5C72
SHA256:0083DB1250991E06CA30017C7574921463920681E8F42ED1B2FCDADA1515326C
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\GameLauncher.exe.configxml
MD5:80318442D34FD71503D6548B2A9F5490
SHA256:C17F391D07FC4BD47047C494DE42E80B9FDBAD4A0024BDC7CABA4733E339296E
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\LZMA.dllexecutable
MD5:D17AE7F5F647C4370F1CB64507106E02
SHA256:A976726F4477D9EB288F78E6686783216A75A1B73790754B1D01AC0436DAEC6D
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\SBRW.Launcher.Core.Downloader.LZMA.dllexecutable
MD5:CB63E94FB43410A4120661C080DDE80B
SHA256:CA8D5EADC37FA211891C66B5A34C5874EEDEBD7184AD6CE17E5B862E6EBA6D9C
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\SBRW.Launcher.Core.Extra.dllexecutable
MD5:E9F85AFCC8D818C97216256C77223838
SHA256:A3524B3F69D77737CD1AA9C6F1DB88049ECDC867DB8FEB8DC4C608812B89456E
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\SBRW.Launcher.Core.Discord.dllexecutable
MD5:3021A611BAD50B607610D913C4E9D171
SHA256:3B5D0441CEE847B20B36BBE967A0CED9DD122CF2D2D5C603195E4BF38DEA5F45
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\SBRW.Launcher.Core.Downloader.dllexecutable
MD5:3F3C9BBEBE1A82E95A99739849EF73F2
SHA256:78C623521DD1018C23E58FAC3251E612316B7EB527C95DBEB3AA7161214DDFAB
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\SBRW.Launcher.Core.dllexecutable
MD5:75FFC0657F098AD72795ADD04DAFE739
SHA256:1152446D9534F6D83A1109B2EB4E7CEE772ECC73DB01236EA65FF52E1A256F92
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\SBRW.Launcher.Core.Theme.dllexecutable
MD5:0AAB9C208BA5F399E50F4738CC5729B3
SHA256:BD1B2D1C96C1BAA9D879E4DE0DD807168AC2681E42780AC299A76FAC211DDED5
2480WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa2480.4413\SBRW.Ini.Parser.dllexecutable
MD5:272D10C15D1A8C73EA5042965E60A552
SHA256:3E16FB583A665ED85E77E492EB8B4C870557B5EF104E98D57A657C136904849C
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
25
TCP/UDP connections
61
DNS requests
39
Threats
52

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
2396
SBRW.Launcher.exe
GET
200
93.184.221.240:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?ce9065b863ef8466
unknown
compressed
65.2 Kb
unknown
2396
SBRW.Launcher.exe
GET
200
104.21.19.117:80
http://crl.carboncrew.org/CC-CA.cer
unknown
binary
2.87 Kb
unknown
2396
SBRW.Launcher.exe
GET
200
104.21.19.117:80
http://crl.carboncrew.org/RCA-Info.json
unknown
binary
911 b
unknown
2396
SBRW.Launcher.exe
GET
200
104.21.72.166:80
http://g-sbrw.davidcarbon.download//en/index.xml
unknown
xml
1.60 Kb
unknown
2396
SBRW.Launcher.exe
GET
301
104.21.72.166:80
http://g-sbrw.davidcarbon.download//GameFiles.sbrwpack
unknown
html
640 b
unknown
2396
SBRW.Launcher.exe
GET
104.21.72.166:80
http://g2-sbrw.davidcarbon.download//unpacked/checksums.dat
unknown
unknown
2396
SBRW.Launcher.exe
GET
301
104.21.72.166:80
http://g-sbrw.davidcarbon.download//unpacked/checksums.dat
unknown
html
644 b
unknown
2396
SBRW.Launcher.exe
GET
104.21.72.166:80
http://g2-sbrw.davidcarbon.download//GameFiles.sbrwpack
unknown
unknown
2396
SBRW.Launcher.exe
GET
200
51.161.118.213:8080
http://game.worldunited.gg:8080/Engine.svc/GetServerInformation
unknown
binary
595 b
unknown
2396
SBRW.Launcher.exe
GET
200
209.97.187.156:8080
http://209.97.187.156:8080/Engine.svc/GetServerInformation
unknown
binary
532 b
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown
4
System
192.168.100.255:137
whitelisted
2588
svchost.exe
239.255.255.250:1900
whitelisted
2396
SBRW.Launcher.exe
93.184.221.240:80
ctldl.windowsupdate.com
EDGECAST
GB
whitelisted
2396
SBRW.Launcher.exe
104.21.19.117:80
crl.carboncrew.org
CLOUDFLARENET
unknown
2396
SBRW.Launcher.exe
104.26.1.213:443
api.worldunited.gg
CLOUDFLARENET
US
unknown
2396
SBRW.Launcher.exe
140.82.121.5:443
api.github.com
GITHUB
US
unknown
2396
SBRW.Launcher.exe
140.82.121.4:443
github.com
GITHUB
US
unknown
2396
SBRW.Launcher.exe
185.199.111.133:443
objects.githubusercontent.com
FASTLY
US
unknown

DNS requests

Domain
IP
Reputation
ctldl.windowsupdate.com
  • 93.184.221.240
whitelisted
crl.carboncrew.org
  • 104.21.19.117
  • 172.67.186.34
unknown
api.worldunited.gg
  • 104.26.1.213
  • 172.67.73.203
  • 104.26.0.213
unknown
api.github.com
  • 140.82.121.5
whitelisted
github.com
  • 140.82.121.4
shared
objects.githubusercontent.com
  • 185.199.111.133
  • 185.199.110.133
  • 185.199.108.133
  • 185.199.109.133
shared
cdn.worldunited.gg
  • 104.26.0.213
  • 104.26.1.213
  • 172.67.73.203
unknown
g-sbrw.davidcarbon.download
  • 104.21.72.166
  • 172.67.153.81
unknown
cdn.nightriderz.world
  • 142.132.196.182
unknown
g2-sbrw.davidcarbon.download
  • 104.21.72.166
  • 172.67.153.81
unknown

Threats

PID
Process
Class
Message
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
ET POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
AV POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
ET POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
AV POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
AV POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
ET POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
ET POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
AV POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
ET POLICY User-Agent (Launcher)
2396
SBRW.Launcher.exe
Potential Corporate Privacy Violation
AV POLICY User-Agent (Launcher)
2 ETPRO signatures available at the full report
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
Release_2.2.2.zip