download:

/zona-iptv/iptv-scanner/archive/refs/heads/main.zip

Full analysis: https://app.any.run/tasks/391d1306-53ad-46b4-b5de-c12698a78452
Verdict: Malicious activity
Analysis date: November 18, 2023, 18:46:28
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v1.0 to extract
MD5:

0CBA60340C50A0422B323F75AB2AF9E1

SHA1:

B5A1F0084F0AF40956D025023276F9867DBCB481

SHA256:

3953FCFBB0DFAA407515815F14FDF91C2AD59E9600F2BE63A31D78D9AF975FD8

SSDEEP:

98304:FafYMlB/kPJa0oOdQTG907e8pGQf30TJm4MT6gXjuxMKD1/ypls9Bo+kVDk/3Fs1:Ee1ul

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Process drops legitimate windows executable

      • WinRAR.exe (PID: 3128)

    • The process creates files with name similar to system file names

      • WinRAR.exe (PID: 3128)

    • Starts application with an unusual extension

      • cmd.exe (PID: 3512)
      • cmd.exe (PID: 2760)
      • cmd.exe (PID: 2892)
      • cmd.exe (PID: 3744)

    • Connects to unusual port

      • tcping.exe (PID: 3748)
      • tcping.exe (PID: 3900)
      • tcping.exe (PID: 3736)
      • tcping.exe (PID: 3732)
      • tcping.exe (PID: 4020)
      • tcping.exe (PID: 3936)
      • tcping.exe (PID: 3904)
      • tcping.exe (PID: 3956)
      • tcping.exe (PID: 3592)
      • tcping.exe (PID: 4040)
      • tcping.exe (PID: 3532)
      • tcping.exe (PID: 3712)
      • tcping.exe (PID: 4000)
      • tcping.exe (PID: 3976)
      • tcping.exe (PID: 4072)
      • tcping.exe (PID: 4036)
      • tcping.exe (PID: 3788)
      • tcping.exe (PID: 3704)
      • tcping.exe (PID: 3672)
      • tcping.exe (PID: 3600)
      • tcping.exe (PID: 3740)
      • tcping.exe (PID: 3708)
      • tcping.exe (PID: 4068)
      • tcping.exe (PID: 2376)
      • tcping.exe (PID: 1808)
      • tcping.exe (PID: 1032)
      • tcping.exe (PID: 316)
      • tcping.exe (PID: 1892)
      • tcping.exe (PID: 2060)
      • tcping.exe (PID: 1760)
      • tcping.exe (PID: 1852)
      • tcping.exe (PID: 556)
      • tcping.exe (PID: 2164)
      • tcping.exe (PID: 2092)
      • tcping.exe (PID: 1276)
      • tcping.exe (PID: 1604)
      • tcping.exe (PID: 1360)
      • tcping.exe (PID: 1348)
      • tcping.exe (PID: 1236)
      • tcping.exe (PID: 1824)
      • tcping.exe (PID: 284)
      • tcping.exe (PID: 1944)
      • tcping.exe (PID: 1812)
      • tcping.exe (PID: 2300)
      • tcping.exe (PID: 2444)
      • tcping.exe (PID: 2320)
      • tcping.exe (PID: 3800)
      • tcping.exe (PID: 2636)
      • tcping.exe (PID: 2644)
      • tcping.exe (PID: 2544)
      • tcping.exe (PID: 2736)
      • tcping.exe (PID: 1828)
      • tcping.exe (PID: 668)
      • tcping.exe (PID: 1644)
      • tcping.exe (PID: 328)
      • tcping.exe (PID: 2632)
      • tcping.exe (PID: 2428)
      • tcping.exe (PID: 3816)
      • tcping.exe (PID: 2396)
      • tcping.exe (PID: 2076)
      • tcping.exe (PID: 2408)
      • tcping.exe (PID: 536)
      • tcping.exe (PID: 276)
      • tcping.exe (PID: 988)
      • tcping.exe (PID: 476)
      • tcping.exe (PID: 2100)
      • tcping.exe (PID: 3868)
      • tcping.exe (PID: 2988)
      • tcping.exe (PID: 3260)
      • tcping.exe (PID: 3148)
      • tcping.exe (PID: 880)
      • tcping.exe (PID: 2980)
      • tcping.exe (PID: 2828)
      • tcping.exe (PID: 2976)
      • tcping.exe (PID: 2488)
      • tcping.exe (PID: 3596)
      • tcping.exe (PID: 3488)
      • tcping.exe (PID: 3668)
      • tcping.exe (PID: 2344)
      • tcping.exe (PID: 3424)
      • tcping.exe (PID: 3404)
      • tcping.exe (PID: 3652)
      • tcping.exe (PID: 3864)
      • tcping.exe (PID: 3544)
      • tcping.exe (PID: 3928)
      • tcping.exe (PID: 3644)
      • tcping.exe (PID: 3656)
      • tcping.exe (PID: 3912)
      • tcping.exe (PID: 3836)
      • tcping.exe (PID: 3876)
      • tcping.exe (PID: 3932)
      • tcping.exe (PID: 1952)

  • INFO

    • Manual execution by a user

      • cmd.exe (PID: 3512)
      • wmpnscfg.exe (PID: 3876)
      • cmd.exe (PID: 2760)
      • cmd.exe (PID: 2892)
      • cmd.exe (PID: 3744)

    • Drops the executable file immediately after the start

      • WinRAR.exe (PID: 3128)

    • Checks supported languages

      • chcp.com (PID: 3576)
      • chcp.com (PID: 3404)
      • chcp.com (PID: 3276)
      • chcp.com (PID: 3516)
      • chcp.com (PID: 3596)
      • wmpnscfg.exe (PID: 3876)
      • tcping.exe (PID: 3936)
      • tcping.exe (PID: 3736)
      • tcping.exe (PID: 4072)
      • tcping.exe (PID: 3732)
      • tcping.exe (PID: 4000)
      • tcping.exe (PID: 4020)
      • tcping.exe (PID: 3976)
      • tcping.exe (PID: 3904)
      • tcping.exe (PID: 3900)
      • tcping.exe (PID: 3748)
      • tcping.exe (PID: 4040)
      • tcping.exe (PID: 3532)
      • tcping.exe (PID: 3592)
      • tcping.exe (PID: 3712)
      • tcping.exe (PID: 3956)
      • tcping.exe (PID: 4036)
      • tcping.exe (PID: 3672)
      • tcping.exe (PID: 3600)
      • tcping.exe (PID: 3740)
      • tcping.exe (PID: 1760)
      • tcping.exe (PID: 3708)
      • tcping.exe (PID: 4068)
      • tcping.exe (PID: 3788)
      • tcping.exe (PID: 3704)
      • tcping.exe (PID: 2060)
      • tcping.exe (PID: 1032)
      • tcping.exe (PID: 1892)
      • tcping.exe (PID: 316)
      • tcping.exe (PID: 1604)
      • tcping.exe (PID: 1360)
      • tcping.exe (PID: 2376)
      • tcping.exe (PID: 1808)
      • tcping.exe (PID: 1852)
      • tcping.exe (PID: 2164)
      • tcping.exe (PID: 2092)
      • tcping.exe (PID: 1236)
      • tcping.exe (PID: 1944)
      • tcping.exe (PID: 1348)
      • tcping.exe (PID: 556)
      • tcping.exe (PID: 1276)
      • tcping.exe (PID: 1812)
      • tcping.exe (PID: 1824)
      • tcping.exe (PID: 284)
      • tcping.exe (PID: 2300)
      • tcping.exe (PID: 3800)
      • tcping.exe (PID: 2444)
      • tcping.exe (PID: 2320)
      • tcping.exe (PID: 2636)
      • tcping.exe (PID: 2644)
      • tcping.exe (PID: 1644)
      • tcping.exe (PID: 1828)
      • tcping.exe (PID: 668)
      • tcping.exe (PID: 3816)
      • tcping.exe (PID: 2076)
      • tcping.exe (PID: 328)
      • tcping.exe (PID: 2428)
      • tcping.exe (PID: 2632)
      • tcping.exe (PID: 2544)
      • tcping.exe (PID: 2736)
      • tcping.exe (PID: 536)
      • tcping.exe (PID: 988)
      • tcping.exe (PID: 276)
      • tcping.exe (PID: 2396)
      • tcping.exe (PID: 476)
      • tcping.exe (PID: 2408)
      • tcping.exe (PID: 2100)
      • chcp.com (PID: 2748)
      • tcping.exe (PID: 3868)
      • tcping.exe (PID: 3148)
      • tcping.exe (PID: 2988)
      • tcping.exe (PID: 880)
      • tcping.exe (PID: 2828)
      • chcp.com (PID: 2820)
      • chcp.com (PID: 604)
      • chcp.com (PID: 2876)
      • chcp.com (PID: 2708)
      • tcping.exe (PID: 3260)
      • chcp.com (PID: 3364)
      • chcp.com (PID: 3320)
      • chcp.com (PID: 3064)
      • tcping.exe (PID: 2976)
      • tcping.exe (PID: 2488)
      • tcping.exe (PID: 2980)
      • chcp.com (PID: 2648)
      • tcping.exe (PID: 2344)
      • tcping.exe (PID: 3596)
      • tcping.exe (PID: 3668)
      • tcping.exe (PID: 3652)
      • tcping.exe (PID: 3644)
      • tcping.exe (PID: 3424)
      • tcping.exe (PID: 3404)
      • tcping.exe (PID: 3488)
      • tcping.exe (PID: 3544)
      • tcping.exe (PID: 3928)
      • tcping.exe (PID: 3912)
      • tcping.exe (PID: 3656)
      • chcp.com (PID: 2404)
      • tcping.exe (PID: 3836)
      • chcp.com (PID: 4024)
      • chcp.com (PID: 4016)
      • tcping.exe (PID: 3864)
      • tcping.exe (PID: 3876)
      • tcping.exe (PID: 1952)
      • tcping.exe (PID: 3932)
      • chcp.com (PID: 3972)
      • chcp.com (PID: 3980)
      • chcp.com (PID: 3976)

    • Reads the computer name

      • wmpnscfg.exe (PID: 3876)

    • Reads the machine GUID from the registry

      • wmpnscfg.exe (PID: 3876)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 10
ZipBitFlag: -
ZipCompression: None
ZipModifyDate: 2022:08:02 22:22:34
ZipCRC: 0x00000000
ZipCompressedSize: -
ZipUncompressedSize: -
ZipFileName: iptv-scanner-main/
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
164
Monitored processes
126
Malicious processes
4
Suspicious processes
0

Behavior graph

Click at the process to see the details
start winrar.exe no specs cmd.exe no specs chcp.com no specs chcp.com no specs chcp.com no specs chcp.com no specs chcp.com no specs ping.exe no specs ping.exe no specs wmpnscfg.exe no specs tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe cmd.exe no specs chcp.com no specs chcp.com no specs chcp.com no specs chcp.com no specs chcp.com no specs ping.exe no specs ping.exe no specs tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe cmd.exe no specs chcp.com no specs chcp.com no specs chcp.com no specs chcp.com no specs chcp.com no specs ping.exe no specs ping.exe no specs tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe tcping.exe cmd.exe no specs chcp.com no specs chcp.com no specs chcp.com no specs chcp.com no specs chcp.com no specs ping.exe no specs ping.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
276tcping.exe -n 1 -w 0.5 176.51.0.64 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
284tcping.exe -n 1 -w 0.5 176.51.0.42 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
316tcping.exe -n 1 -w 0.5 176.51.0.29 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
1
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
328tcping.exe -n 1 -w 0.5 176.51.0.50 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
476tcping.exe -n 1 -w 0.5 176.51.0.63 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
536tcping.exe -n 1 -w 0.5 176.51.0.59 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
556tcping.exe -n 1 -w 0.5 176.51.0.34 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
604chcp 866C:\Windows\System32\chcp.comcmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Change CodePage Utility
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\chcp.com
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ulib.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
668tcping.exe -n 1 -w 0.5 176.51.0.56 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
880tcping.exe -n 1 -w 0.5 176.51.0.3 1234C:\Users\admin\Desktop\iptv-scanner-main\tcping.exe
cmd.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\desktop\iptv-scanner-main\tcping.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\user32.dll
Total events
13 628
Read events
13 606
Write events
19
Delete events
3

Modification events

(PID) Process:(3128) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\17A\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:2
Value:
C:\Users\admin\Desktop\virtio_ivshmem_master_build.zip
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:1
Value:
C:\Users\admin\Desktop\Win7-KB3191566-x86.zip
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:0
Value:
C:\Users\admin\Desktop\phacker.zip
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:name
Value:
120
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:size
Value:
80
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:type
Value:
120
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:mtime
Value:
100
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\Interface\MainWin
Operation:writeName:Placement
Value:
2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF42000000420000000204000037020000
(PID) Process:(3128) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\General
Operation:writeName:LastFolder
Value:
C:\Users\admin\Desktop
Executable files
6
Suspicious files
0
Text files
2
Unknown types
0

Dropped files

PID
Process
Filename
Type
3128WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa3128.18586\iptv-scanner-main\README.mdtext
MD5:0B1634DCED9B2422F0FC823E04A4B9EB
SHA256:D1541053FA0DDEABAFE9A08D03C75BEB46EBCC011F215565DA127D4C9F478BF9
3128WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa3128.18586\iptv-scanner-main\sleep.exeexecutable
MD5:92E6D7F6428BDB6F9E1B787487EB2476
SHA256:74FEE8524C08943994E622F294D11460F4FE3B8E7E75A42FD54BE25BA39E83C4
3128WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa3128.18586\iptv-scanner-main\curl.exeexecutable
MD5:4DB15511286782DC5AE8156E61482D35
SHA256:FE1D2AD2781879DC05039D87BD12259F3BCF411C66C925D31827D6A757D33EC4
3128WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa3128.18586\iptv-scanner-main\vnc.exeexecutable
MD5:599CA72BBBAD83BD8B82B98718443106
SHA256:730B82B3A859D40844092746BAA9D3379FFA61167C2E6CA6EE9EFEAFA7347022
3128WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa3128.18586\iptv-scanner-main\tcping.exeexecutable
MD5:546549673BE62E980B19CF29AE7C2BE6
SHA256:9F04C46E0CDAA5BCE32D98065E1E510A5F174E51B399D6408F2446444CCCD5FF
3128WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa3128.18586\iptv-scanner-main\win_iconv.exeexecutable
MD5:42A93C993BBF0181D31575D798C118A2
SHA256:AA65C49C9860ED7FAC19A26828572FC1993D551782D1E6CBF9DF7FF4CFD182EB
3128WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa3128.18586\iptv-scanner-main\Сканер IPTV.cmdtext
MD5:9352B31E0A33785BE928B22EF9655872
SHA256:FE2B3764E40BAFC7D2CA018A4F00B0845336EA85E358BD43B35D60EC844BE0DC
3128WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DRa3128.18586\iptv-scanner-main\gsar.exeexecutable
MD5:276DF15F9ED2F4959077F8BC050DD236
SHA256:80497D3E57F602EFD1E3FDC3BD328E4C372D321C014711815E99120512B07AF0
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
96
DNS requests
1
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
2588
svchost.exe
239.255.255.250:1900
whitelisted
4
System
192.168.100.255:138
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown
3936
tcping.exe
176.51.0.0:1234
Rostelecom
RU
unknown
3904
tcping.exe
176.51.0.1:1234
Rostelecom
RU
unknown
3900
tcping.exe
176.51.0.2:1234
Rostelecom
RU
unknown
3748
tcping.exe
176.51.0.3:1234
Rostelecom
RU
unknown
3736
tcping.exe
176.51.0.4:1234
Rostelecom
RU
unknown
3732
tcping.exe
176.51.0.5:1234
Rostelecom
RU
unknown

DNS requests

Domain
IP
Reputation
google.ru
  • 216.58.212.163
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
/zona-iptv/iptv-scanner/archive/refs/heads/main.zip