URL:

https://www.driversfordownload.com/samsung-drivers-for-download/476de283f333d032132f661e0bf62ba1.zip-driver-file-download-29124

Full analysis: https://app.any.run/tasks/1521bd09-449d-43a3-935d-d9ff7353bc5b
Verdict: Malicious activity
Threats:

Adware is a form of malware that targets users with unwanted advertisements, often disrupting their browsing experience. It typically infiltrates systems through software bundling, malicious websites, or deceptive downloads. Once installed, it may track user activity, collect sensitive data, and display intrusive ads, including pop-ups or banners. Some advanced adware variants can bypass security measures and establish persistence on devices, making removal challenging. Additionally, adware can create vulnerabilities that other malware can exploit, posing a significant risk to user privacy and system security.

Analysis date: March 05, 2020, 23:58:46
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:
loader
adware
Indicators:
MD5:

757ED36D280AD66F561FE42C75183C2E

SHA1:

AF1427BB5D3DE41428730C89C83FAB50683D248D

SHA256:

33D216C12AB3F2120D836B33D43418FF4D3885B5D9F19D3148541A3B693855B3

SSDEEP:

3:N8DSLaWrBJDKWIJXMjsmR5dKTTTZt1YVGk4kXc+:2OLZ3KDakfTTeR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Application was dropped or rewritten from another process

      • driver_booster_ds_setup.exe (PID: 3252)
      • driver_booster_ds_setup.exe (PID: 440)
      • SetupHlp.exe (PID: 3976)
      • Sacndb5.exe (PID: 3484)
      • InstStat.exe (PID: 2408)
      • RttHlp.exe (PID: 2948)
      • HWiNFO.exe (PID: 2064)
    • Downloads executable files from the Internet

      • iexplore.exe (PID: 3264)
      • driver_booster_ds_setup.exe (PID: 440)
    • Loads dropped or rewritten executable

      • InstStat.exe (PID: 2408)
      • SetupHlp.exe (PID: 3976)
      • HWiNFO.exe (PID: 2064)
    • Loads the Task Scheduler COM API

      • SetupHlp.exe (PID: 3976)
  • SUSPICIOUS

    • Reads Windows owner or organization settings

      • Sacndb5.tmp (PID: 2628)
    • Executable content was dropped or overwritten

      • iexplore.exe (PID: 3264)
      • iexplore.exe (PID: 1740)
      • driver_booster_ds_setup.exe (PID: 440)
      • Sacndb5.exe (PID: 3484)
      • Sacndb5.tmp (PID: 2628)
      • HWiNFO.exe (PID: 2064)
    • Creates files in the user directory

      • driver_booster_ds_setup.exe (PID: 440)
      • Sacndb5.tmp (PID: 2628)
    • Reads the Windows organization settings

      • Sacndb5.tmp (PID: 2628)
    • Creates files in the Windows directory

      • HWiNFO.exe (PID: 2064)
    • Creates files in the driver directory

      • HWiNFO.exe (PID: 2064)
    • Creates files in the program directory

      • InstStat.exe (PID: 2408)
      • SetupHlp.exe (PID: 3976)
      • RttHlp.exe (PID: 2948)
    • Searches for installed software

      • SetupHlp.exe (PID: 3976)
  • INFO

    • Changes internet zones settings

      • iexplore.exe (PID: 1740)
    • Reads Internet Cache Settings

      • iexplore.exe (PID: 1740)
      • iexplore.exe (PID: 3264)
      • iexplore.exe (PID: 4008)
    • Application launched itself

      • iexplore.exe (PID: 1740)
    • Modifies the phishing filter of IE

      • iexplore.exe (PID: 1740)
    • Reads internet explorer settings

      • iexplore.exe (PID: 3264)
      • iexplore.exe (PID: 4008)
    • Creates files in the user directory

      • iexplore.exe (PID: 3264)
      • iexplore.exe (PID: 1740)
      • iexplore.exe (PID: 4008)
    • Dropped object may contain Bitcoin addresses

      • Sacndb5.tmp (PID: 2628)
      • iexplore.exe (PID: 4008)
    • Application was dropped or rewritten from another process

      • Sacndb5.tmp (PID: 2628)
    • Creates a software uninstall entry

      • Sacndb5.tmp (PID: 2628)
    • Reads settings of System Certificates

      • iexplore.exe (PID: 3264)
      • iexplore.exe (PID: 1740)
    • Creates files in the program directory

      • Sacndb5.tmp (PID: 2628)
    • Changes settings of System certificates

      • iexplore.exe (PID: 1740)
    • Adds / modifies Windows certificates

      • iexplore.exe (PID: 1740)
Find more information about signature artifacts and their mapping to the MITRE ATT&CK™ matrix in the full report
No Malware configuration.
No data.
All screenshots are available in the full report
Total processes
51
Monitored processes
11
Malicious processes
5
Suspicious processes
2

Behavior graph


Process information

PID
CMD
Path
Indicators
Parent process
PID: 440
CMD: "C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6QGX7LP\driver_booster_ds_setup.exe"
Path: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6QGX7LP\driver_booster_ds_setup.exe
Parent process: iexplore.exe
User:
admin
Company:
IObit
Integrity Level:
HIGH
Description:
Driver Booster Installer
Exit code:
0
Version:
5.0.0.393
Modules
Images
c:\users\admin\appdata\local\microsoft\windows\temporary internet files\content.ie5\b6qgx7lp\driver_booster_ds_setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
PID: 1740
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" "https://www.driversfordownload.com/samsung-drivers-for-download/476de283f333d032132f661e0bf62ba1.zip-driver-file-download-29124"
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Internet Explorer
Exit code:
0
Version:
11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\iertutil.dll
PID: 2064
CMD: "C:\Program Files\IObit\Driver Booster\5.1.0\HWiNFO\HWiNFO.exe" /brandname
Path: C:\Program Files\IObit\Driver Booster\5.1.0\HWiNFO\HWiNFO.exe
Parent process: Sacndb5.tmp
User:
admin
Company:
IObit
Integrity Level:
HIGH
Description:
Hardware Information
Exit code:
0
Version:
5.0.0.33
Modules
Images
c:\program files\iobit\driver booster\5.1.0\hwinfo\hwinfo.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
PID: 2408
CMD: "C:\Program Files\IObit\Driver Booster\5.1.0\InstStat.exe" /install db5
Path: C:\Program Files\IObit\Driver Booster\5.1.0\InstStat.exe
Parent process: Sacndb5.tmp
User:
admin
Company:
IObit
Integrity Level:
HIGH
Description:
Driver Booster InstStat
Exit code:
0
Version:
5.0.0.298
Modules
Images
c:\program files\iobit\driver booster\5.1.0\inststat.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
PID: 2628
CMD: "C:\Users\admin\AppData\Local\Temp\is-P2U9I.tmp\Sacndb5.tmp" /SL5="$150224,18098887,141824,C:\Users\admin\AppData\Local\Temp\Sacndb5.exe" /sp- /verysilent /Installer /norestart /DIR="C:\Program Files\IObit\Driver Booster" /Installer-DeskIcon /Installer-TaskIcon
Path: C:\Users\admin\AppData\Local\Temp\is-P2U9I.tmp\Sacndb5.tmp
Parent process: Sacndb5.exe
User:
admin
Integrity Level:
HIGH
Description:
Setup/Uninstall
Exit code:
0
Version:
51.1052.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-p2u9i.tmp\sacndb5.tmp
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
PID: 2948
CMD: "C:\Program Files\IObit\Driver Booster\5.1.0\RttHlp.exe" /winstdate
Path: C:\Program Files\IObit\Driver Booster\5.1.0\RttHlp.exe
Parent process: SetupHlp.exe
User:
admin
Company:
IObit
Integrity Level:
HIGH
Description:
IObit RttHlp
Exit code:
0
Version:
5.0.0.3
Modules
Images
c:\program files\iobit\driver booster\5.1.0\rtthlp.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
PID: 3252
CMD: "C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6QGX7LP\driver_booster_ds_setup.exe"
Path: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B6QGX7LP\driver_booster_ds_setup.exe
Parent process: iexplore.exe
User:
admin
Company:
IObit
Integrity Level:
MEDIUM
Description:
Driver Booster Installer
Exit code:
3221226540
Version:
5.0.0.393
Modules
Images
c:\users\admin\appdata\local\microsoft\windows\temporary internet files\content.ie5\b6qgx7lp\driver_booster_ds_setup.exe
c:\systemroot\system32\ntdll.dll
PID: 3264
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:1740 CREDAT:267521 /prefetch:2
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Internet Explorer
Exit code:
0
Version:
11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\iertutil.dll
PID: 3484
CMD: "C:\Users\admin\AppData\Local\Temp\Sacndb5.exe" /sp- /verysilent /Installer /norestart /DIR="C:\Program Files\IObit\Driver Booster" /Installer-DeskIcon /Installer-TaskIcon
Path: C:\Users\admin\AppData\Local\Temp\Sacndb5.exe
Parent process: driver_booster_ds_setup.exe
User:
admin
Company:
IObit
Integrity Level:
HIGH
Description:
Driver Booster 5 Setup
Exit code:
0
Version:
5.1.0.557
Modules
Images
c:\users\admin\appdata\local\temp\sacndb5.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
PID: 3976
CMD: "C:\Program Files\IObit\Driver Booster\5.1.0\SetupHlp.exe" /install
Path: C:\Program Files\IObit\Driver Booster\5.1.0\SetupHlp.exe
Parent process: Sacndb5.tmp
User:
admin
Company:
IObit
Integrity Level:
HIGH
Description:
Driver Booster Setup Helper
Exit code:
0
Version:
5.1.0.80
Modules
Images
c:\program files\iobit\driver booster\5.1.0\setuphlp.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
Total events
7 537
Read events
1 718
Write events
4 100
Delete events
1 719

Modification events

(PID) Process: (3264) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Content
Operation: write
Name: CachePrefix
Value:

(PID) Process: (3264) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Cookies
Operation: write
Name: CachePrefix
Value: Cookie:

(PID) Process: (3264) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\History
Operation: write
Name: CachePrefix
Value: Visited:

(PID) Process: (1740) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlockManager
Operation: write
Name: NextCheckForUpdateLowDateTime
Value: 475389114

(PID) Process: (1740) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlockManager
Operation: write
Name: NextCheckForUpdateHighDateTime
Value: 30798666

(PID) Process: (1740) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
Operation: write
Name: CachePrefix
Value:

(PID) Process: (1740) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies
Operation: write
Name: CachePrefix
Value: Cookie:

(PID) Process: (1740) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History
Operation: write
Name: CachePrefix
Value: Visited:

(PID) Process: (1740) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Operation: write
Name: CompatibilityFlags
Value: 0

(PID) Process: (1740) iexplore.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Operation: write
Name: ProxyEnable
Value: 0
Executable files
75
Suspicious files
162
Text files
382
Unknown types
88

Dropped files

PID
Process
Filename
Type
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\Local\Temp\Low\Cab6FAA.tmp | Type: (not recorded)
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\Local\Temp\Low\Tar6FAB.tmp | Type: (not recorded)
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E49827401028F7A0F97B5576C77A26CB_7CE95D8DCA26FE957E7BD7D76F353B08 | Type: der
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E49827401028F7A0F97B5576C77A26CB_7CE95D8DCA26FE957E7BD7D76F353B08 | Type: binary
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\653403CF2262729A10F38892E7EC8C34 | Type: der
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MFAQUS6V\476de283f333d032132f661e0bf62ba1[1].htm | Type: html
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\653403CF2262729A10F38892E7EC8C34 | Type: binary
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B | Type: der
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B | Type: binary
PID: 3264 | Process: iexplore.exe | Filename: C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5IWPIAR9\f[1].txt | Type: text
(MD5 and SHA256 values for the dropped files are not included in this extract; see the full report.)
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
92
TCP/UDP connections
252
DNS requests
78
Threats
13

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3264
iexplore.exe
GET
200
151.139.128.14:80
http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTNMNJMNDqCqx8FcBWK16EHdimS6QQUU3m%2FWqorSs9UgOHYm8Cd8rIDZssCEH1bUSa0droR23QWC7xTDac%3D
US
der
727 b
whitelisted
3264
iexplore.exe
GET
200
2.21.242.221:80
http://isrg.trustid.ocsp.identrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRv9GhNQxLSSGKBnMArPUcsHYovpgQUxKexpHsscfrb4UuQdf%2FEFWCFiRACEAoBQUIAAAFThXNqC4Xspwg%3D
NL
der
1.37 Kb
whitelisted
3264
iexplore.exe
GET
200
216.58.207.67:80
http://ocsp.pki.goog/gts1o1/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEQCSaJP2bCz9oAgAAAAALnFI
US
der
472 b
whitelisted
3264
iexplore.exe
GET
200
216.58.207.67:80
http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjtJqhjYqpgSVpULg%3D
US
der
468 b
whitelisted
3264
iexplore.exe
GET
200
216.58.207.67:80
http://ocsp.pki.goog/gts1o1/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEQDu3mVgzTXArwIAAAAAWXG3
US
der
472 b
whitelisted
3264
iexplore.exe
GET
200
216.58.207.67:80
http://ocsp.pki.goog/gts1o1/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEQD8ECyMf0Ly9QgAAAAALnFx
US
der
472 b
whitelisted
3264
iexplore.exe
GET
200
151.139.128.14:80
http://ocsp.usertrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCEBPqKHBb9OztDDZjCYBhQzY%3D
US
der
471 b
whitelisted
3264
iexplore.exe
GET
200
216.58.207.67:80
http://ocsp.pki.goog/gts1o1/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEQCv2pgtDmXnZAgAAAAALnDT
US
der
472 b
whitelisted
3264
iexplore.exe
GET
200
216.58.207.67:80
http://ocsp.pki.goog/gts1o1/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEQDvdxhhS3x8DggAAAAALnGY
US
der
472 b
whitelisted
3264
iexplore.exe
GET
200
216.58.207.67:80
http://ocsp.pki.goog/gts1o1/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRCRjDCJxnb3nDwj%2Fxz5aZfZjgXvAQUmNH4bhDrz5vsYJ8YkBug630J%2FSsCEQCSaJP2bCz9oAgAAAAALnFI
US
der
472 b
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
3264
iexplore.exe
162.243.56.248:443
Digital Ocean, Inc.
US
unknown
3264
iexplore.exe
2.21.242.221:80
isrg.trustid.ocsp.identrust.com
Akamai International B.V.
NL
whitelisted
3264
iexplore.exe
172.217.16.130:443
pagead2.googlesyndication.com
Google Inc.
US
whitelisted
3264
iexplore.exe
2.21.242.204:80
ocsp.int-x3.letsencrypt.org
Akamai International B.V.
NL
whitelisted
3264
iexplore.exe
87.248.118.23:80
yui.yahooapis.com
Yahoo! UK Services Limited
GB
malicious
3264
iexplore.exe
216.58.207.67:80
ocsp.pki.goog
Google Inc.
US
whitelisted
3264
iexplore.exe
172.217.23.162:443
www.googletagservices.com
Google Inc.
US
whitelisted
3264
iexplore.exe
104.20.150.33:443
secure.statcounter.com
Cloudflare Inc
US
unknown
3264
iexplore.exe
172.217.22.10:443
fonts.googleapis.com
Google Inc.
US
whitelisted
3264
iexplore.exe
172.217.16.129:443
tpc.googlesyndication.com
Google Inc.
US
whitelisted

DNS requests

Domain
IP
Reputation
www.driversfordownload.com
  • 192.35.177.64
unknown
isrg.trustid.ocsp.identrust.com
  • 2.21.242.221
  • 2.21.242.197
whitelisted
ocsp.int-x3.letsencrypt.org
  • 2.21.242.204
  • 2.21.242.236
whitelisted
yui.yahooapis.com
  • 87.248.118.23
  • 87.248.118.22
whitelisted
pagead2.googlesyndication.com
  • 172.217.16.130
whitelisted
ocsp.pki.goog
  • 216.58.207.67
whitelisted
adservice.google.nl
  • 216.58.205.226
whitelisted
adservice.google.com
  • 172.217.16.130
whitelisted
googleads.g.doubleclick.net
  • 172.217.23.130
whitelisted
secure.statcounter.com
  • 104.20.151.33
  • 104.20.150.33
whitelisted

Threats

PID
Process
Class
Message
3264
iexplore.exe
Potential Corporate Privacy Violation
ET POLICY PE EXE or DLL Windows file download HTTP
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
440
driver_booster_ds_setup.exe
Potentially Bad Traffic
ET INFO Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0)
Process
Message
driver_booster_ds_setup.exe
[DBInstaller] : + FormCreate
driver_booster_ds_setup.exe
AAAAAAA === fspi388430
driver_booster_ds_setup.exe
[DBInstaller] : - FormCreate
InstStat.exe
Track_Partner: iobit
InstStat.exe
FMsg_WM_HTTP_LOGIN:1028
InstStat.exe
******* TICSHttpPost.HttpCli_RequestDone: true 0