URL:

https://pdffiller.com

Full analysis: https://app.any.run/tasks/988d37d4-d067-4d54-8e86-33412e9753ad
Verdict: Malicious activity
Analysis date: April 08, 2024, 08:21:51
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MD5:

0CF25BF8A380B9641CB732B3AA79B5B1

SHA1:

10D46E968A62D6E0FB5F914650959D484393AF49

SHA256:

2B77D02B456115ED34E3CF53F999A0F553DE6E677276028CAF10122F9B56F301

SSDEEP:

3:N8Ff0yZIn:2dJ2n

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    No suspicious indicators.

  • INFO

    • Drops the executable file immediately after the start

      • firefox.exe (PID: 3956)

    • The process uses the downloaded file

      • firefox.exe (PID: 3956)

    • Application launched itself

      • firefox.exe (PID: 4008)
      • firefox.exe (PID: 3956)

    • Executable content was dropped or overwritten

      • firefox.exe (PID: 3956)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
67
Monitored processes
29
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
1348"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.11.60100631\2054375573" -childID 8 -isForBrowser -prefsHandle 3780 -prefMapHandle 1932 -prefsLen 31324 -prefMapSize 244195 -jsInitHandle 900 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {25605972-398f-4449-80b7-f9c0ecef0fe6} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 8004 22298c90 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1592"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.20.602119522\1963956909" -childID 16 -isForBrowser -prefsHandle 7276 -prefMapHandle 7280 -prefsLen 31324 -prefMapSize 244195 -jsInitHandle 900 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {de27bdc1-38bc-42da-98ce-45f7eb89c016} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 7128 24793280 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1596"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.15.1826825082\1945051115" -parentBuildID 20230710165010 -sandboxingKind 0 -prefsHandle 2544 -prefMapHandle 7416 -prefsLen 36717 -prefMapSize 244195 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1bbc40ce-274d-4af6-b3f5-a56a8df734ab} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 7544 24dbf390 utilityC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1652"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.22.1175383610\1122379243" -childID 18 -isForBrowser -prefsHandle 7276 -prefMapHandle 3796 -prefsLen 31324 -prefMapSize 244195 -jsInitHandle 900 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {138482cf-23f9-45dd-a1ff-a48ad6217154} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 6704 20d896d0 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1732"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.16.1254683507\878073415" -childID 12 -isForBrowser -prefsHandle 7276 -prefMapHandle 7280 -prefsLen 31324 -prefMapSize 244195 -jsInitHandle 900 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1982e318-9855-4e09-aaba-2916ec96c308} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 7264 23959280 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1768"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.2.985945537\565081567" -childID 1 -isForBrowser -prefsHandle 1956 -prefMapHandle 1604 -prefsLen 24556 -prefMapSize 244195 -jsInitHandle 900 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a26bc32-e255-4beb-9593-1a928197d563} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 2064 19ffb6d0 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
1824"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.1.1171771633\1506723503" -parentBuildID 20230710165010 -prefsHandle 1404 -prefMapHandle 1400 -prefsLen 28600 -prefMapSize 244195 -appDir "C:\Program Files\Mozilla Firefox\browser" - {97df33df-5c35-4e54-a024-69cf635f8d8a} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 1416 1601cbc0 socketC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
2304"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.17.1035417579\2100725441" -childID 13 -isForBrowser -prefsHandle 7876 -prefMapHandle 7872 -prefsLen 31324 -prefMapSize 244195 -jsInitHandle 900 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bbad6c7f-123d-40e8-930a-ae68c47016fc} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 7892 21d5d840 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
2388"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.24.197841655\1117745859" -childID 20 -isForBrowser -prefsHandle 1884 -prefMapHandle 2064 -prefsLen 31364 -prefMapSize 244195 -jsInitHandle 900 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dac69bb4-2114-4bb5-beb0-67e7082f847a} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 1992 1f381110 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
2568"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3956.5.114513823\182488574" -childID 4 -isForBrowser -prefsHandle 3756 -prefMapHandle 3764 -prefsLen 34344 -prefMapSize 244195 -jsInitHandle 900 -jsInitLen 240908 -parentBuildID 20230710165010 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f8247a9d-308e-40f0-9905-d9eca1b32be1} 3956 "\\.\pipe\gecko-crash-server-pipe.3956" 3732 2192b9b0 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
115.0.2
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msasn1.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
Total events
40 488
Read events
40 427
Write events
54
Delete events
7

Modification events

(PID) Process:(4008) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Launcher
Value:
9A8E395101000000
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Browser
Value:
F6E73A5101000000
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Installer\308046B0AF4A39CB
Operation:delete valueName:installer.taskbarpin.win10.enabled
Value:
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Launcher
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Telemetry
Value:
0
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\DllPrefetchExperiment
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe
Value:
0
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\PreXULSkeletonUISettings
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Theme
Value:
1
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\PreXULSkeletonUISettings
Operation:writeName:C:\Program Files\Mozilla Firefox\firefox.exe|Enabled
Value:
1
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
Operation:writeName:C:\Program Files\Mozilla Firefox|DisableTelemetry
Value:
1
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
Operation:writeName:C:\Program Files\Mozilla Firefox|DisableDefaultBrowserAgent
Value:
0
(PID) Process:(3956) firefox.exeKey:HKEY_CURRENT_USER\Software\Mozilla\Firefox\Default Browser Agent
Operation:writeName:C:\Program Files\Mozilla Firefox|SetDefaultBrowserUserChoice
Value:
1
Executable files
2
Suspicious files
138
Text files
31
Unknown types
73

Dropped files

PID
Process
Filename
Type
3956firefox.exeC:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\qldyz51w.default\startupCache\urlCache-current.binbinary
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\cookies.sqlite-shmbinary
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.json.tmpbinary
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\sessionCheckpoints.jsonbinary
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shmbinary
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs-1.jstext
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\prefs.jstext
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shmbinary
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shmbinary
MD5:
SHA256:
3956firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qldyz51w.default\storage\permanent\chrome\idb\3561288849sdhlie.sqlite-shmbinary
MD5:
SHA256:
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
52
TCP/UDP connections
222
DNS requests
411
Threats
5

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3956
firefox.exe
GET
200
34.107.221.82:80
http://detectportal.firefox.com/canonical.html
unknown
unknown
3956
firefox.exe
POST
200
142.250.74.195:80
http://ocsp.pki.goog/gts1c3
unknown
unknown
3956
firefox.exe
GET
200
34.107.221.82:80
http://detectportal.firefox.com/success.txt?ipv4
unknown
unknown
3956
firefox.exe
POST
200
18.245.65.219:80
http://ocsp.r2m02.amazontrust.com/
unknown
unknown
3956
firefox.exe
POST
200
95.101.54.200:80
http://r3.o.lencr.org/
unknown
unknown
3956
firefox.exe
POST
200
95.101.54.200:80
http://r3.o.lencr.org/
unknown
unknown
3956
firefox.exe
POST
200
95.101.54.200:80
http://r3.o.lencr.org/
unknown
unknown
3956
firefox.exe
POST
200
18.245.65.219:80
http://ocsp.r2m02.amazontrust.com/
unknown
unknown
3956
firefox.exe
POST
200
142.250.74.195:80
http://ocsp.pki.goog/gts1c3
unknown
unknown
3956
firefox.exe
POST
200
95.101.54.200:80
http://r3.o.lencr.org/
unknown
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
4
System
192.168.100.255:138
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown
3956
firefox.exe
3.89.179.45:443
pdffiller.com
AMAZON-AES
US
unknown
3956
firefox.exe
34.117.188.166:443
spocs.getpocket.com
unknown
3956
firefox.exe
216.58.206.42:443
safebrowsing.googleapis.com
whitelisted
3956
firefox.exe
34.107.243.93:443
push.services.mozilla.com
GOOGLE
US
unknown
3956
firefox.exe
34.107.221.82:80
detectportal.firefox.com
GOOGLE
US
whitelisted
3956
firefox.exe
142.250.74.195:80
ocsp.pki.goog
GOOGLE
US
whitelisted
3956
firefox.exe
34.117.237.239:443
contile.services.mozilla.com
GOOGLE-CLOUD-PLATFORM
US
unknown

DNS requests

Domain
IP
Reputation
pdffiller.com
  • 3.89.179.45
  • 52.200.78.169
  • 34.195.138.99
unknown
detectportal.firefox.com
  • 34.107.221.82
whitelisted
prod.detectportal.prod.cloudops.mozgcp.net
  • 34.107.221.82
  • 2600:1901:0:38d7::
whitelisted
example.org
  • 93.184.216.34
whitelisted
ipv4only.arpa
  • 192.0.0.171
  • 192.0.0.170
whitelisted
contile.services.mozilla.com
  • 34.117.237.239
whitelisted
spocs.getpocket.com
  • 34.117.188.166
shared
prod.ads.prod.webservices.mozgcp.net
  • 34.117.188.166
unknown
r3.o.lencr.org
  • 95.101.54.200
  • 95.101.54.122
  • 95.101.54.137
  • 95.101.54.216
  • 2.16.202.121
  • 95.101.54.131
  • 95.101.54.112
  • 95.101.54.145
  • 95.101.54.138
  • 95.101.54.203
  • 2.16.202.123
  • 95.101.54.217
  • 95.101.54.144
  • 95.101.54.130
  • 95.101.54.139
  • 2.16.202.120
  • 2.16.202.115
  • 95.101.54.121
  • 95.101.54.114
  • 2.16.202.114
  • 95.101.54.201
shared
firefox.settings.services.mozilla.com
  • 34.149.100.209
whitelisted

Threats

PID
Process
Class
Message
3956
firefox.exe
Potential Corporate Privacy Violation
ET POLICY Dropbox.com Offsite File Backup in Use
1080
svchost.exe
Potential Corporate Privacy Violation
POLICY [ANY.RUN] External IP Check (pro.ip-api.com)
1080
svchost.exe
Potential Corporate Privacy Violation
POLICY [ANY.RUN] External IP Check (pro.ip-api.com)
1080
svchost.exe
Potential Corporate Privacy Violation
POLICY [ANY.RUN] External IP Check (pro.ip-api.com)
3956
firefox.exe
Not Suspicious Traffic
INFO [ANY.RUN] jQuery JavaScript Library Code Loaded (code.jquery .com)
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
https://pdffiller.com