File name:

BraveBrowserSetup.x64.exe

Full analysis: https://app.any.run/tasks/b3874181-1737-4f1e-a1f3-9ba51efc527f
Verdict: Malicious activity
Analysis date: October 04, 2024, 12:24:02
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

068E09E6BE13F5FC296DF587F89AEDB0

SHA1:

29B1DA744042381ACE0BBFE1F5A815E87BB60921

SHA256:

370C88A1BE8B6CE495D883F7DE10CEC9D8E0FDB62438DFE9966B9F45BB166062

SSDEEP:

49152:DtG8yLTI+7trcdZ6jqFa0EKgVFgrbAVKXXV1fykKRB51+WLTW1UmDMrlilYpWaDJ:Dl8I+prQ3a00urAeKk1O8UmDeCslDeBy

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Disables SEHOP

      • BraveUpdate.exe (PID: 4840)

    • Starts itself from another location

      • BraveUpdate.exe (PID: 4840)

    • Creates/Modifies COM task schedule object

      • BraveUpdateComRegisterShell64.exe (PID: 2708)
      • BraveUpdate.exe (PID: 1972)
      • BraveUpdateComRegisterShell64.exe (PID: 5116)
      • BraveUpdateComRegisterShell64.exe (PID: 4652)

    • Reads security settings of Internet Explorer

      • BraveUpdate.exe (PID: 4840)
      • BraveUpdate.exe (PID: 5600)
      • BraveUpdate.exe (PID: 5072)

    • Executes as Windows Service

      • BraveUpdate.exe (PID: 2132)

    • Executable content was dropped or overwritten

      • BraveUpdate.exe (PID: 4840)
      • BraveBrowserSetup.x64.exe (PID: 4180)
      • BraveUpdateSetup.exe (PID: 5276)

  • INFO

    • Checks supported languages

      • BraveBrowserSetup.x64.exe (PID: 4180)
      • BraveUpdate.exe (PID: 4840)
      • BraveUpdate.exe (PID: 1172)
      • BraveUpdate.exe (PID: 1972)
      • BraveUpdateComRegisterShell64.exe (PID: 2708)
      • BraveUpdateComRegisterShell64.exe (PID: 5116)
      • BraveUpdateComRegisterShell64.exe (PID: 4652)
      • BraveUpdate.exe (PID: 6056)
      • BraveUpdate.exe (PID: 5600)
      • BraveUpdate.exe (PID: 2132)
      • BraveUpdateSetup.exe (PID: 5276)
      • BraveUpdate.exe (PID: 5072)

    • Reads the computer name

      • BraveUpdate.exe (PID: 1972)
      • BraveUpdate.exe (PID: 4840)
      • BraveUpdate.exe (PID: 1172)
      • BraveUpdate.exe (PID: 5072)
      • BraveUpdateComRegisterShell64.exe (PID: 2708)
      • BraveUpdateComRegisterShell64.exe (PID: 5116)
      • BraveUpdateComRegisterShell64.exe (PID: 4652)
      • BraveUpdate.exe (PID: 6056)
      • BraveUpdate.exe (PID: 2132)
      • BraveUpdate.exe (PID: 5600)

    • Process checks computer location settings

      • BraveUpdate.exe (PID: 5072)
      • BraveUpdate.exe (PID: 4840)

    • Creates files in the program directory

      • BraveUpdate.exe (PID: 4840)
      • BraveUpdate.exe (PID: 2132)

    • Create files in a temporary directory

      • BraveBrowserSetup.x64.exe (PID: 4180)

    • Checks proxy server information

      • BraveUpdate.exe (PID: 6056)
      • BraveUpdate.exe (PID: 5600)

    • Reads the machine GUID from the registry

      • BraveUpdate.exe (PID: 6056)
      • BraveUpdate.exe (PID: 2132)

    • Reads the software policy settings

      • BraveUpdate.exe (PID: 6056)
      • BraveUpdate.exe (PID: 2132)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win64 Executable (generic) (76.4)
.exe | Win32 Executable (generic) (12.4)
.exe | Generic Win/DOS Executable (5.5)
.exe | DOS Executable Generic (5.5)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2024:09:25 06:08:18+00:00
ImageFileCharacteristics: Executable, Large address aware, 32-bit
PEType: PE32
LinkerVersion: 14.41
CodeSize: 105984
InitializedDataSize: 1150976
UninitializedDataSize: -
EntryPoint: 0x6f24
OSVersion: 5.1
ImageVersion: -
SubsystemVersion: 5.1
Subsystem: Windows GUI
FileVersionNumber: 1.3.361.151
ProductVersionNumber: 1.3.361.151
FileFlagsMask: 0x003f
FileFlags: Private build
FileOS: Windows NT 32-bit
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Unicode
CompanyName: BraveSoftware Inc.
FileDescription: BraveSoftware Update Setup
FileVersion: 1.3.361.151
InternalName: BraveSoftware Update Setup
OriginalFileName: BraveUpdateSetup.exe
ProductName: BraveSoftware Update
ProductVersion: 1.3.361.151
LanguageId: en
PrivateBuild: -
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
128
Monitored processes
12
Malicious processes
3
Suspicious processes
2

Behavior graph

Click at the process to see the details
start bravebrowsersetup.x64.exe braveupdate.exe no specs braveupdatesetup.exe braveupdate.exe braveupdate.exe no specs braveupdate.exe no specs braveupdatecomregistershell64.exe no specs braveupdatecomregistershell64.exe no specs braveupdatecomregistershell64.exe no specs braveupdate.exe braveupdate.exe no specs braveupdate.exe

Process information

PID
CMD
Path
Indicators
Parent process
1172"C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /regsvcC:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exeBraveUpdate.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
HIGH
Description:
BraveSoftware Update
Exit code:
0
Version:
1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
1972"C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /regserverC:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exeBraveUpdate.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
HIGH
Description:
BraveSoftware Update
Exit code:
0
Version:
1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
2132"C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /svcC:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
services.exe
User:
SYSTEM
Company:
BraveSoftware Inc.
Integrity Level:
SYSTEM
Description:
BraveSoftware Update
Version:
1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\advapi32.dll
c:\windows\syswow64\msvcrt.dll
2708"C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe" C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exeBraveUpdate.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
HIGH
Description:
BraveSoftware Update
Exit code:
0
Version:
1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\1.3.361.151\braveupdatecomregistershell64.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
4180"C:\Users\admin\Desktop\BraveBrowserSetup.x64.exe" C:\Users\admin\Desktop\BraveBrowserSetup.x64.exe
explorer.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
MEDIUM
Description:
BraveSoftware Update Setup
Version:
1.3.361.151
Modules
Images
c:\users\admin\desktop\bravebrowsersetup.x64.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\shlwapi.dll
4652"C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe" C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exeBraveUpdate.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
HIGH
Description:
BraveSoftware Update
Exit code:
0
Version:
1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\1.3.361.151\braveupdatecomregistershell64.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
4840C:\WINDOWS\SystemTemp\GUM62CF.tmp\BraveUpdate.exe /installsource taggedmi /install "appguid={AFE6A462-C574-4B8A-AF43-4CC60DF4563B}&appname=Brave-Release&needsadmin=prefers&ap=release&installdataindex=default&referral=none" /installelevatedC:\Windows\SystemTemp\GUM62CF.tmp\BraveUpdate.exe
BraveUpdateSetup.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
HIGH
Description:
BraveSoftware Update
Version:
1.3.361.151
Modules
Images
c:\windows\systemtemp\gum62cf.tmp\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
5072C:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdate.exe /installsource taggedmi /install "appguid={AFE6A462-C574-4B8A-AF43-4CC60DF4563B}&appname=Brave-Release&needsadmin=prefers&ap=release&installdataindex=default&referral=none"C:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdate.exeBraveBrowserSetup.x64.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
MEDIUM
Description:
BraveSoftware Update
Version:
1.3.361.151
Modules
Images
c:\users\admin\appdata\local\temp\gum5cf2.tmp\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
5116"C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe" C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exeBraveUpdate.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
HIGH
Description:
BraveSoftware Update
Exit code:
0
Version:
1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\1.3.361.151\braveupdatecomregistershell64.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
5276"C:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdateSetup.exe" /installsource taggedmi /install "appguid={AFE6A462-C574-4B8A-AF43-4CC60DF4563B}&appname=Brave-Release&needsadmin=prefers&ap=release&installdataindex=default&referral=none" /installelevated /nomitagC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdateSetup.exe
BraveUpdate.exe
User:
admin
Company:
BraveSoftware Inc.
Integrity Level:
HIGH
Description:
BraveSoftware Update Setup
Version:
1.3.361.151
Modules
Images
c:\users\admin\appdata\local\temp\gum5cf2.tmp\braveupdatesetup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\shlwapi.dll
Total events
12 210
Read events
8 320
Write events
3 825
Delete events
65

Modification events

(PID) Process:(4180) BraveBrowserSetup.x64.exeKey:HKEY_CURRENT_USER\SOFTWARE\BraveSoftware\Promo
Operation:writeName:StubInstallerPath
Value:
C:\Users\admin\Desktop\BraveBrowserSetup.x64.exe
(PID) Process:(4840) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation:writeName:path
Value:
C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(PID) Process:(4840) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation:writeName:UninstallCmdLine
Value:
"C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /uninstall
(PID) Process:(4840) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\Clients\{B131C935-9BE6-41DA-9599-1F776BEB8019}
Operation:writeName:pv
Value:
1.3.361.151
(PID) Process:(4840) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\Clients\{B131C935-9BE6-41DA-9599-1F776BEB8019}
Operation:writeName:name
Value:
Brave Update
(PID) Process:(4840) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\ClientState\{B131C935-9BE6-41DA-9599-1F776BEB8019}
Operation:writeName:pv
Value:
1.3.361.151
(PID) Process:(4840) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BraveUpdate.exe
Operation:writeName:DisableExceptionChainValidation
Value:
0
(PID) Process:(4840) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation:writeName:brave_task_name_c
Value:
BraveSoftwareUpdateTaskMachineCore{85E0F8D2-6E46-4531-9BFC-0F14DE825325}
(PID) Process:(4840) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation:writeName:brave_task_name_ua
Value:
BraveSoftwareUpdateTaskMachineUA{F948A2B5-33D1-4ABE-A6BF-B132D74CF8E0}
(PID) Process:(1172) BraveUpdate.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation:delete valueName:uid
Value:
Executable files
216
Suspicious files
0
Text files
0
Unknown types
0

Dropped files

PID
Process
Filename
Type
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdateOnDemand.exeexecutable
MD5:848B92B80B41756C6BE31FD511EDDEDF
SHA256:DB9749F8BE95E21F1BB1FEB5D9F84A3ECBF432DEBB5B7B0E6D0AA35948984102
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\goopdate.dllexecutable
MD5:C20353018ACD605661691186BB313A69
SHA256:137A22656D8EA111C43C6BE8A3BC938ACE7B566BDEE0DE9C9D40467403E9ADFC
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdateBroker.exeexecutable
MD5:9BB7B8BB7CF6A96AF5E819BAD6E80A9D
SHA256:8BBB104638AF6DF01194E0BEC0B20CF5AA17CBEB82B2DBE46370340EF393BD91
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdateComRegisterShell64.exeexecutable
MD5:25828A1EE3E9603E8B8653312A1FC93A
SHA256:9A4DA8A83D44888BD94C980E5F881E8861C313B4587387AF3756E7E9CE32D2F4
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\psuser_64.dllexecutable
MD5:264C2398B95144805F83758646BA3EF4
SHA256:F5D435AE40C118EB3A2677654AF4F31F818D7DED5A480E2CB458BA77CE2FA726
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\psuser.dllexecutable
MD5:51D3FED607BF2CC23C55740B2D1332B6
SHA256:CBB33E72F75273A3FD9DA25E098A017C9A38EDEA058864107A7453707D1CBC38
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\psmachine_64.dllexecutable
MD5:BD787D94EA7FB6C511247355E33E0A07
SHA256:112D0E76263AABF9FCAAD8DFF2E4B03839BBE1124CD64AA27932C784BA17F511
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdateCore.exeexecutable
MD5:524FF11C8062E51B61310E0017605325
SHA256:2A4AE9C22F92E01D38C6177982FBB65F2EC422E02B65C7178F1F973E58D2C545
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\psmachine.dllexecutable
MD5:744B1E42C1815B9FEF94B8008A93C0DC
SHA256:1E2B2C29C44699A44C0E8D42ABA6C89196BA5A9D1E5FDAA8F508C629415F4995
4180BraveBrowserSetup.x64.exeC:\Users\admin\AppData\Local\Temp\GUM5CF2.tmp\BraveUpdateComRegisterShellArm64.exeexecutable
MD5:F8047C85B81DC8E773FE17FA2CA0D2BF
SHA256:A6261EF9CCA7D4392DF3031235EFB76E60CB99CFD332E0E9D723FC769827566E
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
4
TCP/UDP connections
28
DNS requests
7
Threats
3

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
HEAD
200
3.161.82.75:443
https://updates-cdn.bravesoftware.com/build/Brave-Release/release/win/129.1.70.123/x64/brave_installer-x64.exe
unknown
unknown
GET
3.161.82.75:443
https://updates-cdn.bravesoftware.com/build/Brave-Release/release/win/129.1.70.123/x64/brave_installer-x64.exe
unknown
unknown
POST
200
13.32.121.47:443
https://updates.bravesoftware.com/service/update2
unknown
xml
250 b
unknown
POST
200
13.32.121.47:443
https://updates.bravesoftware.com/service/update2?cup2key=2:nnjjpxVLxa64mWgKFUDnUOoeD2E52uP19Nk5YwP_q_k&cup2hreq=6c933c090d67efbf04d74a05cf1a6327b4013209f5a63385904fd0439bd88763
unknown
xml
6.15 Kb
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
6588
svchost.exe
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
3888
svchost.exe
239.255.255.250:1900
whitelisted
4
System
192.168.100.255:138
whitelisted
6056
BraveUpdate.exe
13.32.121.124:443
updates.bravesoftware.com
AMAZON-02
US
shared
2132
BraveUpdate.exe
13.32.121.124:443
updates.bravesoftware.com
AMAZON-02
US
shared
6588
svchost.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
5208
svchost.exe
3.161.82.75:443
updates-cdn.bravesoftware.com
US
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 51.104.136.2
  • 40.127.240.158
whitelisted
google.com
  • 142.250.186.46
whitelisted
updates.bravesoftware.com
  • 13.32.121.124
  • 13.32.121.6
  • 13.32.121.47
  • 13.32.121.70
shared
dl.brave.com
whitelisted
updates-cdn.bravesoftware.com
  • 3.161.82.75
  • 3.161.82.23
  • 3.161.82.8
  • 3.161.82.36
whitelisted

Threats

Found threats are available for the paid subscriptions
3 ETPRO signatures available at the full report
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
BraveBrowserSetup.x64.exe