File name:

609a53_DbSchema-841-Cr.zip

Full analysis: https://app.any.run/tasks/b930273c-cde5-400b-8c70-52ad954b8ec9
Verdict: Malicious activity
Threats:

Stealers are a group of malicious software that are intended for gaining unauthorized access to users’ information and transferring it to the attacker. The stealer malware category includes various types of programs that focus on their particular kind of data, including files, passwords, and cryptocurrency. Stealers are capable of spying on their targets by recording their keystrokes and taking screenshots. This type of malware is primarily distributed as part of phishing campaigns.

Malware Trends Tracker     >>>
Analysis date: May 16, 2025, 09:56:41
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags:
arch-doc
autoit
stealer
Indicators:
MIME: application/zip
File info: Zip archive data, at least v2.0 to extract, compression method=deflate
MD5:

9A5F5356A2D11E824968D32F26CE214F

SHA1:

F52560F3DD6F587F4674926BBC8AE113F42D9D64

SHA256:

20EE4314D5B78AD67B4E0549ED126252E9B4B20680B6837B92E05C1873BB6380

SSDEEP:

98304:PSATp3JVoDCuKBElsZWrxk1sKX3mMrA+IcrSYQLw8rTZwXoe4DxUQCoUfdAYlIpL:4

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Executing a file with an untrusted certificate

      • main_setup_x86x64.exe (PID: 3900)

    • Actions looks like stealing of personal data

      • Gote.exe.com (PID: 5988)

    • Steals credentials from Web Browsers

      • Gote.exe.com (PID: 5988)

    • Starts CMD.EXE for self-deleting

      • Gote.exe.com (PID: 5988)

  • SUSPICIOUS

    • Generic archive extractor

      • WinRAR.exe (PID: 7556)

    • Reads security settings of Internet Explorer

      • WinRAR.exe (PID: 5308)
      • main_setup_x86x64.exe (PID: 3900)

    • Starts CMD.EXE for commands execution

      • main_setup_x86x64.exe (PID: 3900)
      • cmd.exe (PID: 7336)
      • Gote.exe.com (PID: 5988)

    • Application launched itself

      • cmd.exe (PID: 7336)
      • Gote.exe.com (PID: 2432)

    • Using 'findstr.exe' to search for text patterns in files and output

      • cmd.exe (PID: 1312)

    • Starts the AutoIt3 executable file

      • cmd.exe (PID: 1312)
      • Gote.exe.com (PID: 2432)

    • The executable file from the user directory is run by the CMD process

      • Gote.exe.com (PID: 2432)

    • Starts application with an unusual extension

      • cmd.exe (PID: 1312)
      • Gote.exe.com (PID: 2432)

    • Runs PING.EXE to delay simulation

      • cmd.exe (PID: 1312)

    • There is functionality for taking screenshot (YARA)

      • main_setup_x86x64.exe (PID: 3900)
      • Gote.exe.com (PID: 5988)

    • Searches for installed software

      • Gote.exe.com (PID: 5988)

    • Uses TIMEOUT.EXE to delay execution

      • cmd.exe (PID: 5244)

  • INFO

    • Reads the computer name

      • main_setup_x86x64.exe (PID: 3900)
      • Gote.exe.com (PID: 5988)

    • Manual execution by a user

      • WinRAR.exe (PID: 5308)

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 5308)

    • Checks supported languages

      • main_setup_x86x64.exe (PID: 3900)
      • Gote.exe.com (PID: 2432)
      • Gote.exe.com (PID: 5988)

    • Create files in a temporary directory

      • main_setup_x86x64.exe (PID: 3900)
      • Gote.exe.com (PID: 5988)

    • Process checks computer location settings

      • main_setup_x86x64.exe (PID: 3900)

    • Reads mouse settings

      • Gote.exe.com (PID: 2432)
      • Gote.exe.com (PID: 5988)

    • Reads the software policy settings

      • slui.exe (PID: 7724)

    • Reads Environment values

      • Gote.exe.com (PID: 5988)

    • Reads CPU info

      • Gote.exe.com (PID: 5988)

    • Reads product name

      • Gote.exe.com (PID: 5988)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 20
ZipBitFlag: -
ZipCompression: Deflated
ZipModifyDate: 2021:05:11 09:51:04
ZipCRC: 0x35ad8377
ZipCompressedSize: 1738368
ZipUncompressedSize: 1738104
ZipFileName: DbSchema-841-Crack-With-Activation-Key-Download-2021/609a5389a055960_setup_v18.2.9.zip
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
196
Monitored processes
66
Malicious processes
5
Suspicious processes
1

Behavior graph

Click at the process to see the details
start winrar.exe no specs sppextcomobj.exe no specs slui.exe rundll32.exe no specs winrar.exe main_setup_x86x64.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs findstr.exe no specs gote.exe.com no specs ping.exe no specs gote.exe.com slui.exe svchost.exe cmd.exe no specs conhost.exe no specs timeout.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
632"C:\Windows\System32\cmd.exe" /c uWPXDaWHSCROIeNtzQWEAimC:\Windows\SysWOW64\cmd.exemain_setup_x86x64.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
1
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\combase.dll
732\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
736\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
924\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1228"C:\Windows\System32\cmd.exe" /c UCcXBZzkBjTOvUNQzmqgSaDhBLBtQhnciUcIgfKIAZBPTzvCiVHXIcJCZicQbgxhNbGBntBrOsOTQNxigYXVGAC:\Windows\SysWOW64\cmd.exemain_setup_x86x64.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
1
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\combase.dll
1228timeout 3 C:\Windows\SysWOW64\timeout.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
timeout - pauses command processing
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\timeout.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\user32.dll
c:\windows\syswow64\win32u.dll
1312C:\WINDOWS\system32\cmd C:\Windows\SysWOW64\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
0
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\combase.dll
1532"C:\Windows\System32\cmd.exe" /c ivHuWaNQiXHTlYBGMIpecEqJEXYCgVtSbdkKjjHUlrwMoSvUMqbIKC:\Windows\SysWOW64\cmd.exemain_setup_x86x64.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
1
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\combase.dll
1628\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1672"C:\Windows\System32\cmd.exe" /c ANsYNRDMVaHkEdIZZdUFCPxiiDpXUAgkFzOWuayZnxffldoFMEKFTpPLalC:\Windows\SysWOW64\cmd.exemain_setup_x86x64.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
1
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\combase.dll
Total events
7 639
Read events
7 593
Write events
33
Delete events
13

Modification events

(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation:writeName:3
Value:
C:\Users\admin\Desktop\preferences.zip
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation:writeName:2
Value:
C:\Users\admin\Desktop\chromium_ext.zip
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation:writeName:1
Value:
C:\Users\admin\Desktop\omni_23_10_2024_.zip
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation:writeName:0
Value:
C:\Users\admin\AppData\Local\Temp\609a53_DbSchema-841-Cr.zip
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:name
Value:
120
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:size
Value:
80
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:type
Value:
120
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:mtime
Value:
100
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\DialogEditHistory\ExtrPath
Operation:delete valueName:15
Value:
(PID) Process:(7556) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\DialogEditHistory\ExtrPath
Operation:delete valueName:14
Value:
Executable files
1
Suspicious files
12
Text files
8
Unknown types
0

Dropped files

PID
Process
Filename
Type
5308WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$EXb5308.25451\main_setup_x86x64.exeexecutable
MD5:19E71970DDE0C76C54572A5C5DF5F503
SHA256:D44C0887E87644CD49D77163B5344A371713077AA0A3E07269F48BC7D80075EB
3900main_setup_x86x64.exeC:\Users\admin\AppData\Local\Temp\7ZipSfx.000\Voi.bmpbinary
MD5:E28BFA6762C4DAC59D426A6C3723472C
SHA256:CE1C95426D8CA230CF580DA79C9441FA3EF1E408900C03D4A80CF61C6F1F6F2F
3900main_setup_x86x64.exeC:\Users\admin\AppData\Local\Temp\7ZipSfx.000\Mostra.bmpbinary
MD5:8D40A2EC510515547AB081E6E6E6321A
SHA256:D0FA42CB0EE3B9F5C44EEF2B7AC8E03E6BF1D571489A0433792A038922E6192B
1312cmd.exeC:\Users\admin\AppData\Local\Temp\7ZipSfx.000\Gote.exe.comtext
MD5:AC6AD5D9B99757C3A878F2D275ACE198
SHA256:9B8DB510EF42B8ED54A3712636FDA55A4F8CFCD5493E20B74AB00CD4F3979F2D
5988Gote.exe.comC:\Users\admin\AppData\Local\Temp\aXUvBJVO\c5jmN.tmp-shmbinary
MD5:B7C14EC6110FA820CA6B65F5AEC85911
SHA256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
5988Gote.exe.comC:\Users\admin\AppData\Local\Temp\aXUvBJVO\c5jmN.tmpbinary
MD5:19BA68C3ECBCA72C2B90AFADDE745DC6
SHA256:8B3758EE2D2C0A07EE7003F902F0667ABE5D9667941F8617EDA3CDF94C78E7B8
7556WinRAR.exeC:\Users\admin\Desktop\DbSchema-841-Crack-With-Activation-Key-Download-2021\609a5389a055960_setup_v18.2.9.zipcompressed
MD5:9B9788AB895A43A2AD29E62E76B6E8F3
SHA256:DA28CEBDD2A5057329E34A499AF3BA54A267F4DCD806614631B27C3B446DB4BB
3900main_setup_x86x64.exeC:\Users\admin\AppData\Local\Temp\7ZipSfx.000\Prediligi.bmptext
MD5:CC329F1951FE830B30312E324A624B26
SHA256:3C4F386466F9233DEC8074F4660851CC250E7CAB6295A98AF454AD9DFC048E02
1312cmd.exeC:\Users\admin\AppData\Local\Temp\7ZipSfx.000\Utext
MD5:ACF88C5609AD14CBAB025785EE4210CE
SHA256:23B90A8AFBEB4982A02D3E4187C4E04F4A386D95A852E1B8C2D59C5BA8D10B4E
5988Gote.exe.comC:\Users\admin\AppData\Local\Temp\aXUvBJVO\_Files\_Information.txtbinary
MD5:7E503C1E20A4B36471993BBCF5159114
SHA256:90D648545893CDAAB5B8EC23CF7B8F70A3914A46D6F3605256C5D611E4DF6AEA
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
6
TCP/UDP connections
26
DNS requests
21
Threats
1

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
5496
MoUsoCoreWorker.exe
GET
200
23.216.77.8:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
5496
MoUsoCoreWorker.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
6544
svchost.exe
GET
200
2.17.190.73:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
8180
SIHClient.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
8180
SIHClient.exe
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
51.124.78.146:443
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
5496
MoUsoCoreWorker.exe
23.216.77.8:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
5496
MoUsoCoreWorker.exe
23.35.229.160:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
2104
svchost.exe
51.124.78.146:443
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
23.35.229.160:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
4
System
192.168.100.255:138
whitelisted
3216
svchost.exe
172.211.123.250:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
FR
whitelisted
6544
svchost.exe
40.126.32.74:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
2.17.190.73:80
ocsp.digicert.com
AKAMAI-AS
DE
whitelisted

DNS requests

Domain
IP
Reputation
google.com
  • 216.58.206.78
whitelisted
crl.microsoft.com
  • 23.216.77.8
  • 23.216.77.17
  • 23.216.77.12
  • 23.216.77.10
  • 23.216.77.19
  • 23.216.77.4
  • 23.216.77.18
  • 23.216.77.34
  • 23.216.77.42
whitelisted
www.microsoft.com
  • 23.35.229.160
whitelisted
client.wns.windows.com
  • 172.211.123.250
whitelisted
login.live.com
  • 40.126.32.74
  • 20.190.160.132
  • 20.190.160.17
  • 20.190.160.4
  • 20.190.160.131
  • 20.190.160.64
  • 40.126.32.76
  • 20.190.160.65
whitelisted
ocsp.digicert.com
  • 2.17.190.73
whitelisted
settings-win.data.microsoft.com
  • 20.73.194.208
whitelisted
slscr.update.microsoft.com
  • 172.202.163.200
whitelisted
fe3cr.delivery.mp.microsoft.com
  • 20.242.39.171
whitelisted
AUbdvMIsgXQhVvSuJCLz.AUbdvMIsgXQhVvSuJCLz
unknown

Threats

PID
Process
Class
Message
2196
svchost.exe
Potentially Bad Traffic
ET DNS Query to a *.top domain - Likely Hostile
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
609a53_DbSchema-841-Cr.zip