File name:

launcher.exe

Full analysis: https://app.any.run/tasks/f3e72f00-c685-452f-8383-8ee83d0b1314
Verdict: Malicious activity
Analysis date: March 24, 2026, 22:00:19
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags:
golang
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32+ executable (console) x86-64, for MS Windows, 8 sections
MD5:

BE1B731CF4DB3F270E7A61DD8E245F7B

SHA1:

B532BF9513FDCB97391183F8E4A1D19900C9E059

SHA256:

34227424A15A78A4D080ED347C4184EF1FBC22F2C945B76A06A03EC5B3B90467

SSDEEP:

49152:W0sIxNoO/Uz4uhxweXZsLDYEumIDSmZPlgiWezNMIUFc02zeRXic1GOt5uyCeUbF:/mSJoJE5AtlgeApCrQquuwfETMQYE

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    No malicious indicators.
  • SUSPICIOUS

    • Application launched itself

      • java.exe (PID: 2664)
  • INFO

    • Create files in a temporary directory

      • java.exe (PID: 2664)
      • java.exe (PID: 2528)
      • launcher.exe (PID: 3748)
      • java.exe (PID: 7688)
    • Reads the computer name

      • java.exe (PID: 2664)
    • Reads the machine GUID from the registry

      • java.exe (PID: 2664)
      • java.exe (PID: 2528)
    • Reads CPU info

      • java.exe (PID: 2664)
      • java.exe (PID: 7688)
    • Checks supported languages

      • java.exe (PID: 2528)
      • launcher.exe (PID: 3748)
      • java.exe (PID: 2664)
      • java.exe (PID: 7688)
    • Reads Environment values

      • java.exe (PID: 2664)
      • java.exe (PID: 7688)
    • Drops encrypted JS script (Microsoft Script Encoder)

      • launcher.exe (PID: 3748)
    • Creates files or folders in the user directory

      • java.exe (PID: 2664)
    • Application based on Golang

      • launcher.exe (PID: 3748)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win64 Executable (generic) (87.3)
.exe | Generic Win/DOS Executable (6.3)
.exe | DOS Executable Generic (6.3)

EXIF

EXE

MachineType: AMD AMD64
TimeStamp: 0000:00:00 00:00:00
ImageFileCharacteristics: Executable, Large address aware
PEType: PE32+
LinkerVersion: 3
CodeSize: 803328
InitializedDataSize: 396288
UninitializedDataSize: -
EntryPoint: 0x77240
OSVersion: 6.1
ImageVersion: 1
SubsystemVersion: 6.1
Subsystem: Windows command line
No data.
All screenshots are available in the full report
Total processes
137
Monitored processes
7
Malicious processes
0
Suspicious processes
0

Behavior graph

start launcher.exe no specs conhost.exe no specs java.exe no specs java.exe slui.exe java.exe no specs conhost.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
PID: 2528
CMD: java -jar C:\Users\admin\AppData\Local\Temp\mc_loader_1181519694\minimal.jar --input=C:\Users\admin\AppData\Local\Temp\mc_loader_1181519694\mod.jar --version=1.21.11 --fabric=0.18.4
Path: C:\Program Files\Common Files\Oracle\Java\javapath_target_2010453\java.exe
Parent process: launcher.exe
User:
admin
Company:
Oracle Corporation
Integrity Level:
MEDIUM
Description:
Java(TM) Platform SE binary
Version:
25.0.2.0
Modules
Images
c:\program files\common files\oracle\java\javapath_target_2010453\java.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\combase.dll
c:\windows\system32\gdi32.dll
PID: 2664
CMD: "C:\Program Files\Java\jdk-25.0.2\bin\java.exe" -jar C:\Users\admin\AppData\Local\Temp\mc_loader_1181519694\minimal.jar --input=C:\Users\admin\AppData\Local\Temp\mc_loader_1181519694\mod.jar --version=1.21.11 --fabric=0.18.4
Path: C:\Program Files\Java\jdk-25.0.2\bin\java.exe
Parent process: java.exe
User:
admin
Company:
N/A
Integrity Level:
MEDIUM
Description:
Java(TM) Platform SE binary
Version:
25.0.2.0
Modules
Images
c:\program files\java\jdk-25.0.2\bin\java.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ucrtbase.dll
c:\program files\java\jdk-25.0.2\bin\jli.dll
c:\program files\java\jdk-25.0.2\bin\vcruntime140.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
PID: 2680
CMD: C:\WINDOWS\System32\slui.exe -Embedding
Path: C:\Windows\System32\slui.exe
Parent process: svchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Activation Client
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
PID: 3612
CMD: \??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1
Path: C:\Windows\System32\conhost.exe
Parent process: java.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 3748
CMD: "C:\Users\admin\Desktop\launcher.exe"
Path: C:\Users\admin\Desktop\launcher.exe
Parent process: explorer.exe
User:
admin
Integrity Level:
MEDIUM
Modules
Images
c:\users\admin\desktop\launcher.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\umpdc.dll
PID: 7608
CMD: \??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1
Path: C:\Windows\System32\conhost.exe
Parent process: launcher.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Console Window Host
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 7688
CMD: java -Xmx4G -Xms4G -Djava.library.path=C:\Users\admin\Desktop\.minecraft\natives --enable-native-access=ALL-UNNAMED -Dorg.lwjgl.glfw.GLFW_PLATFORM=6 -Dorg.lwjgl.opengl.Display.allowSoftwareOpenGL=true -Dorg.lwjgl.util.NoChecks=true -Djava.awt.headless=true -cp C:\Users\admin\Desktop\.minecraft\versions\1.21.11\1.21.11.jar;C:\Users\admin\Desktop\.minecraft\libraries\at\yawk\lz4\lz4-java\1.8.1\lz4-java-1.8.1.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\azure\azure-json\1.4.0\azure-json-1.4.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\github\oshi\oshi-core\6.9.0\oshi-core-6.9.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\google\code\gson\gson\2.13.2\gson-2.13.2.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\google\guava\failureaccess\1.0.3\failureaccess-1.0.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\google\guava\guava\33.5.0-jre\guava-33.5.0-jre.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\ibm\icu\icu4j\77.1\icu4j-77.1.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\microsoft\azure\msal4j\1.23.1\msal4j-1.23.1.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\authlib\7.0.61\authlib-7.0.61.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\blocklist\1.0.10\blocklist-1.0.10.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\brigadier\1.3.10\brigadier-1.3.10.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\datafixerupper\9.0.19\datafixerupper-9.0.19.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\jtracy\1.0.37\jtracy-1.0.37.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\jtracy\1.0.37\jtracy-1.0.37-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\logging\1.6.11\logging-1.6.11.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\patchy\2.2.10\patchy-2.2.10.jar;C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\text2speech\1.18.11\text2speech-1.18.11.jar;C:\Users\admin\Desktop\.minecraft\libraries\commons-codec\commons-codec\1.19.0\commons-codec-1.19.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\commons-io\commons-io\2.20.0\commons-io-2.20.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-buffer\4.2.7.Final\netty-buffer-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-codec-base\4.2.7.Final\netty-codec-base-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-codec-compression\4.2.7.Final\netty-codec-compression-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-codec-http\4.2.7.Final\netty-codec-http-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-common\4.2.7.Final\netty-common-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-handler\4.2.7.Final\netty-handler-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-resolver\4.2.7.Final\netty-resolver-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-transport-classes-epoll\4.2.7.Final\netty-transport-classes-epoll-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-transport-classes-kqueue\4.2.7.Final\netty-transport-classes-kqueue-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-transport-native-unix-common\4.2.7.Final\netty-transport-native-unix-common-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-transport\4.2.7.Final\netty-transport-4.2.7.Final.jar;C:\Users\admin\Desktop\.minecraft\libraries\it\unimi\dsi\fastutil\8.5.18\fastutil-8.5.18.jar;C:\Users\admin\Desktop\.minecraft\libraries\net\java\dev\jna\jna-platform\5.17.0\jna-platform-5.17.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\net\java\dev\jna\jna\5.17.0\jna-5.17.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\net\sf\jopt-simple\jopt-simple\5.0.4\jopt-simple-5.0.4.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\apache\commons\commons-compress\1.28.0\commons-compress-1.28.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\apache\commons\commons-lang3\3.19.0\commons-lang3-3.19.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\apache\logging\log4j\log4j-api\2.25.2\log4j-api-2.25.2.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\apache\logging\log4j\log4j-core\2.25.2\log4j-core-2.25.2.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\apache\logging\log4j\log4j-slf4j2-impl\2.25.2\log4j-slf4j2-impl-2.25.2.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\jcraft\jorbis\0.0.17\jorbis-0.0.17.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\joml\joml\1.10.8\joml-1.10.8.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\jspecify\jspecify\1.0.0\jspecify-1.0.0.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-freetype\3.3.3\lwjgl-freetype-3.3.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-freetype\3.3.3\lwjgl-freetype-3.3.3-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-freetype\3.3.3\lwjgl-freetype-3.3.3-natives-windows-arm64.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-freetype\3.3.3\lwjgl-freetype-3.3.3-natives-windows-x86.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-glfw\3.3.3\lwjgl-glfw-3.3.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-glfw\3.3.3\lwjgl-glfw-3.3.3-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-glfw\3.3.3\lwjgl-glfw-3.3.3-natives-windows-arm64.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-glfw\3.3.3\lwjgl-glfw-3.3.3-natives-windows-x86.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-jemalloc\3.3.3\lwjgl-jemalloc-3.3.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-jemalloc\3.3.3\lwjgl-jemalloc-3.3.3-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-jemalloc\3.3.3\lwjgl-jemalloc-3.3.3-natives-windows-arm64.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-jemalloc\3.3.3\lwjgl-jemalloc-3.3.3-natives-windows-x86.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-openal\3.3.3\lwjgl-openal-3.3.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-openal\3.3.3\lwjgl-openal-3.3.3-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-openal\3.3.3\lwjgl-openal-3.3.3-natives-windows-arm64.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-openal\3.3.3\lwjgl-openal-3.3.3-natives-windows-x86.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-opengl\3.3.3\lwjgl-opengl-3.3.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-opengl\3.3.3\lwjgl-opengl-3.3.3-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-opengl\3.3.3\lwjgl-opengl-3.3.3-natives-windows-arm64.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-opengl\3.3.3\lwjgl-opengl-3.3.3-natives-windows-x86.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-stb\3.3.3\lwjgl-stb-3.3.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-stb\3.3.3\lwjgl-stb-3.3.3-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-stb\3.3.3\lwjgl-stb-3.3.3-natives-windows-arm64.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-stb\3.3.3\lwjgl-stb-3.3.3-natives-windows-x86.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-tinyfd\3.3.3\lwjgl-tinyfd-3.3.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-tinyfd\3.3.3\lwjgl-tinyfd-3.3.3-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-tinyfd\3.3.3\lwjgl-tinyfd-3.3.3-natives-windows-arm64.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl-tinyfd\3.3.3\lwjgl-tinyfd-3.3.3-natives-windows-x86.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl\3.3.3\lwjgl-3.3.3.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl\3.3.3\lwjgl-3.3.3-natives-windows.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl\3.3.3\lwjgl-3.3.3-natives-windows-arm64.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\lwjgl\lwjgl\3.3.3\lwjgl-3.3.3-natives-windows-x86.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\slf4j\slf4j-api\2.0.17\slf4j-api-2.0.17.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\ow2\asm\asm\9.9\asm-9.9.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\ow2\asm\asm-analysis\9.9\asm-analysis-9.9.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\ow2\asm\asm-commons\9.9\asm-commons-9.9.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\ow2\asm\asm-tree\9.9\asm-tree-9.9.jar;C:\Users\admin\Desktop\.minecraft\libraries\org\ow2\asm\asm-util\9.9\asm-util-9.9.jar;C:\Users\admin\Desktop\.minecraft\libraries\net\fabricmc\sponge-mixin\0.17.0+mixin.0.8.7\sponge-mixin-0.17.0+mixin.0.8.7.jar;C:\Users\admin\Desktop\.minecraft\libraries\net\fabricmc\intermediary\1.21.11\intermediary-1.21.11.jar;C:\Users\admin\Desktop\.minecraft\libraries\net\fabricmc\fabric-loader\0.18.4\fabric-loader-0.18.4.jar net.fabricmc.loader.impl.launch.knot.KnotClient --version Fabric-1.21.11 --gameDir C:\Users\admin\Desktop\.minecraft --assetsDir C:\Users\admin\Desktop\.minecraft\assets --assetIndex 29 --username CyberGamer63 --uuid de8e541414cc4a298cea452137b84b2d --accessToken a94acb9a84f54f00a68df1b1b670a96d --userType legacy
Path: C:\Program Files\Java\jdk-25.0.2\bin\java.exe
Parent process: java.exe
User:
admin
Company:
N/A
Integrity Level:
MEDIUM
Description:
Java(TM) Platform SE binary
Version:
25.0.2.0
Modules
Images
c:\program files\java\jdk-25.0.2\bin\java.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ucrtbase.dll
c:\program files\java\jdk-25.0.2\bin\vcruntime140.dll
c:\program files\java\jdk-25.0.2\bin\jli.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
Total events
4 045
Read events
4 044
Write events
1
Delete events
0

Modification events

(PID) Process: (2680) slui.exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\3d\52C64B7E
Operation: write
Name: @%SystemRoot%\System32\sppcomapi.dll,-3200
Value: Software Licensing
Executable files
9
Suspicious files
49
Text files
34
Unknown types
0

Dropped files

PID
Process
Filename
Type
PID: 2664
Process: java.exe
Filename: C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\brigadier\1.3.10\brigadier-1.3.10.jar
Type: compressed
MD5: A755B426EB7942BB74B46A95B02F1DE4
SHA256: C8EE4136E474AC7723CA2B432EC8D1A2BC88EF7D1EC57C314BA9E33CDC83DD75

PID: 2664
Process: java.exe
Filename: C:\Users\admin\Desktop\.minecraft\versions\1.21.11\1.21.11.jar
Type: binary
MD5: 1C752FEE9812E10096BCFEBD1DFE0A06
SHA256: 1473C9489AC50FDA3C435049A76A70D61A10B8610DB27F5BA9D8756B686CD3BD

PID: 2664
Process: java.exe
Filename: C:\Users\admin\Desktop\.minecraft\assets\indexes\29.json
Type: text
MD5: B630D4F07952F81DA2F0630E4A649152
SHA256: 7C8B56DA2B1A1AAE90693D75488B57154C841C303B7A159D395CFF563E09240F

PID: 2664
Process: java.exe
Filename: C:\Users\admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1693682860-607145093-2874071422-1001\83aa4cc77f591dfc2374580bbd95f6ba_bb926e54-e3ca-40fd-ae90-2764341e7792
Type: binary
MD5: C8366AE350E7019AEFC9D1E6E6A498C6
SHA256: 11E6ACA8E682C046C83B721EEB5C72C5EF03CB5936C60DF6F4993511DDC61238

PID: 3748
Process: launcher.exe
Filename: C:\Users\admin\AppData\Local\Temp\mc_loader_1181519694\mod.jar
Type: java
MD5: B481E6E49AD817265AC4969A7A5BAEDD
SHA256: 20114E233628B406F59902CFD2A31F100684FEA5E6898F75076DD06F18CB9F4E

PID: 2528
Process: java.exe
Filename: C:\Users\admin\AppData\Local\Temp\JavaLauncher.log
Type: text
MD5: 1B8CCD3A9C7DD6EE482DD71F44AF88EE
SHA256: 0EA17B60A0AB7A2B1290154B6E7344EAF98C42F22FD75F7B2D92BCBA937880D0

PID: 3748
Process: launcher.exe
Filename: C:\Users\admin\AppData\Local\Temp\mc_loader_1181519694\minimal.jar
Type: java
MD5: 3B63F30BE62FEBD828FE1B06E538F541
SHA256: 2A74CF1506955B5D43B11BC0AB98E69BE60C4AC0178B8FE65D0BE09CC0436FDF

PID: 2664
Process: java.exe
Filename: C:\Users\admin\Desktop\.minecraft\libraries\com\mojang\patchy\2.2.10\patchy-2.2.10.jar
Type: binary
MD5: FF905BF0AACF501149A13880A2D6742D
SHA256: 16D70E7968B45CAFFC81576268EB000F473FB60BF257182D3447DEA8EC919D5A

PID: 2664
Process: java.exe
Filename: C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-handler\4.2.7.Final\netty-handler-4.2.7.Final.jar
Type: text
MD5: 5CC216424649736FDF10B7DCDEC55700
SHA256: 21D063409C12DBCEC46D380C8856A0F7B6A5B68BB5F1D005EB065B4D64146CB3

PID: 2664
Process: java.exe
Filename: C:\Users\admin\Desktop\.minecraft\libraries\io\netty\netty-transport-classes-kqueue\4.2.7.Final\netty-transport-classes-kqueue-4.2.7.Final.jar
Type: java
MD5: 7F1EA4986D99BBD172229C23A4EF0192
SHA256: A3EB1C94AE1A6BE9E1D1EC52C3F5C510A75B04B8EF1EA86B7E77B3F1287AE3CC
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
101
TCP/UDP connections
47
DNS requests
16
Threats
96

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
8044
svchost.exe
GET
200
184.24.77.10:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
2664
java.exe
GET
200
150.171.109.194:443
https://libraries.minecraft.net/com/mojang/logging/1.6.11/logging-1.6.11.jar
unknown
text
20.2 Kb
unknown
2664
java.exe
GET
200
150.171.109.194:443
https://libraries.minecraft.net/com/google/guava/guava/33.5.0-jre/guava-33.5.0-jre.jar
unknown
text
2.88 Mb
unknown
8044
svchost.exe
GET
200
23.52.181.212:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
POST
500
48.192.1.65:443
https://activation-v2.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=Retail
unknown
text
512 b
whitelisted
GET
200
13.107.213.44:443
https://piston-meta.mojang.com/mc/game/version_manifest_v2.json
unknown
binary
258 Kb
unknown
2664
java.exe
GET
200
13.107.213.44:443
https://piston-meta.mojang.com/v1/packages/87df4acbf2019e6c671cc623290800084b6d3420/1.21.11.json
unknown
text
41.2 Kb
unknown
2680
slui.exe
POST
500
48.192.1.64:443
https://activation-v2.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=Retail
unknown
text
512 b
whitelisted
2664
java.exe
GET
200
13.107.213.44:443
https://piston-data.mojang.com/v1/objects/ba2df812c2d12e0219c489c4cd9a5e1f0760f5bd/client.jar
unknown
binary
29.7 Mb
unknown
GET
200
188.114.97.3:443
https://meta.fabricmc.net/v2/versions/loader/1.21.11/0.18.4/profile/json
unknown
text
2.78 Kb
unknown

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
Not routed
whitelisted
5276
MoUsoCoreWorker.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
5412
slui.exe
48.192.1.64:443
activation-v2.sls.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
2.16.241.218:443
www.bing.com
AKAMAI-ASN1
NL
whitelisted
4
System
192.168.100.255:138
Not routed
whitelisted
8044
svchost.exe
184.24.77.10:80
crl.microsoft.com
AKAMAI-ASN1
NL
whitelisted
8044
svchost.exe
23.52.181.212:80
www.microsoft.com
AKAMAI-AS
US
whitelisted
5276
MoUsoCoreWorker.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
8044
svchost.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 20.73.194.208
  • 4.231.128.59
whitelisted
activation-v2.sls.microsoft.com
  • 48.192.1.64
whitelisted
www.bing.com
  • 2.16.241.218
  • 2.16.241.205
whitelisted
google.com
  • 142.251.141.142
whitelisted
crl.microsoft.com
  • 184.24.77.10
  • 184.24.77.19
  • 184.24.77.39
  • 184.24.77.31
  • 184.24.77.22
  • 184.24.77.28
  • 184.24.77.16
  • 184.24.77.29
  • 184.24.77.9
  • 184.24.77.11
  • 184.24.77.6
  • 184.24.77.25
  • 184.24.77.24
  • 184.24.77.18
  • 184.24.77.7
  • 184.24.77.15
whitelisted
www.microsoft.com
  • 23.52.181.212
whitelisted
piston-meta.mojang.com
  • 13.107.246.44
  • 13.107.213.44
unknown
piston-data.mojang.com
  • 13.107.213.44
  • 13.107.246.44
unknown
meta.fabricmc.net
  • 188.114.96.3
  • 188.114.97.3
whitelisted
libraries.minecraft.net
  • 150.171.109.100
  • 13.107.213.44
  • 13.107.246.44
shared

Threats

PID
Process
Class
Message
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
Potential Corporate Privacy Violation
ET INFO User-Agent (Launcher)
No debug info