URL: https://mouse-jiggler.en.download.it

Full analysis: https://app.any.run/tasks/65c2acba-5a36-44cd-ad11-7375bd73449d
Verdict: Malicious activity
Threats:

Adware is a form of malware that targets users with unwanted advertisements, often disrupting their browsing experience. It typically infiltrates systems through software bundling, malicious websites, or deceptive downloads. Once installed, it may track user activity, collect sensitive data, and display intrusive ads, including pop-ups or banners. Some advanced adware variants can bypass security measures and establish persistence on devices, making removal challenging. Additionally, adware can create vulnerabilities that other malware can exploit, posing a significant risk to user privacy and system security.

Analysis date: September 06, 2024, 14:43:26
OS: Windows 10 Professional (build: 19045, 64 bit)
Tags: adware, innosetup, loader
Indicators:
MD5: E72BED83B08C0DE7BC483A5ADE3AA7DC
SHA1: 55747E8F0A0BE6DBD82C7A3B00C10D35C3DFA3FE
SHA256: 3BAF07D1F7EF2FDE742A7B38294B8A024C5C508211AA3C9CF2F2C730D6E5905B
SSDEEP: 3:N8ySHIBzKWQ:2ySoBzlQ

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • INNOSETUP has been detected (SURICATA)

      • file_6qif-E1.tmp (PID: 6204)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • mouse-jiggler_6qif-E1.exe (PID: 1744)
      • mouse-jiggler_6qif-E1.exe (PID: 2768)
      • mouse-jiggler_6qif-E1.tmp (PID: 940)
      • file_6qif-E1.exe (PID: 5376)
      • file_6qif-E1.tmp (PID: 6204)
    • Reads security settings of Internet Explorer

      • mouse-jiggler_6qif-E1.tmp (PID: 6404)
      • file_6qif-E1.tmp (PID: 6204)
      • mouse-jiggler.exe (PID: 1556)
    • Reads the Windows owner or organization settings

      • mouse-jiggler_6qif-E1.tmp (PID: 940)
      • file_6qif-E1.tmp (PID: 6204)
    • Process requests binary or script from the Internet

      • file_6qif-E1.tmp (PID: 6204)
    • Potential Corporate Privacy Violation

      • file_6qif-E1.tmp (PID: 6204)
    • Access to an unwanted program domain was detected

      • file_6qif-E1.tmp (PID: 6204)
  • INFO

    • Application launched itself

      • chrome.exe (PID: 5732)
      • msedge.exe (PID: 6988)
      • msedge.exe (PID: 6012)
    • The process uses the downloaded file

      • chrome.exe (PID: 1944)
      • chrome.exe (PID: 5732)
      • file_6qif-E1.tmp (PID: 6204)
    • Executable content was dropped or overwritten

      • chrome.exe (PID: 5732)
      • msedge.exe (PID: 6988)
      • chrome.exe (PID: 7784)
    • Checks supported languages

      • mouse-jiggler_6qif-E1.exe (PID: 1744)
      • mouse-jiggler_6qif-E1.tmp (PID: 940)
      • mouse-jiggler_6qif-E1.tmp (PID: 6404)
      • mouse-jiggler_6qif-E1.exe (PID: 2768)
      • file_6qif-E1.exe (PID: 5376)
      • file_6qif-E1.tmp (PID: 6204)
      • mouse-jiggler.exe (PID: 1556)
      • identity_helper.exe (PID: 7404)
    • Reads the computer name

      • mouse-jiggler_6qif-E1.tmp (PID: 6404)
      • mouse-jiggler_6qif-E1.tmp (PID: 940)
      • file_6qif-E1.tmp (PID: 6204)
      • mouse-jiggler.exe (PID: 1556)
      • identity_helper.exe (PID: 7404)
    • Create files in a temporary directory

      • mouse-jiggler_6qif-E1.exe (PID: 1744)
      • mouse-jiggler_6qif-E1.exe (PID: 2768)
      • mouse-jiggler_6qif-E1.tmp (PID: 940)
      • file_6qif-E1.exe (PID: 5376)
      • file_6qif-E1.tmp (PID: 6204)
    • Checks proxy server information

      • mouse-jiggler_6qif-E1.tmp (PID: 940)
      • file_6qif-E1.tmp (PID: 6204)
    • Process checks computer location settings

      • mouse-jiggler_6qif-E1.tmp (PID: 6404)
      • file_6qif-E1.tmp (PID: 6204)
    • Reads the software policy settings

      • mouse-jiggler_6qif-E1.tmp (PID: 940)
      • file_6qif-E1.tmp (PID: 6204)
    • Reads the machine GUID from the registry

      • file_6qif-E1.tmp (PID: 6204)
    • Sends debugging messages

      • mouse-jiggler.exe (PID: 1556)
    • Manual execution by a user

      • msedge.exe (PID: 6988)
    • Reads Environment values

      • identity_helper.exe (PID: 7404)
No Malware configuration.
Total processes: 228
Monitored processes: 92
Malicious processes: 3
Suspicious processes: 1

Behavior graph: interactive process tree (chrome.exe, msedge.exe, identity_helper.exe, mouse-jiggler_6qif-e1.exe, mouse-jiggler_6qif-e1.tmp, file_6qif-e1.exe, file_6qif-e1.tmp tagged #INNOSETUP, mouse-jiggler.exe); available in the full report.

Process information

PID: 940
CMD: "C:\Users\admin\AppData\Local\Temp\is-TD1FP.tmp\mouse-jiggler_6qif-E1.tmp" /SL5="$150050,831488,831488,C:\Users\admin\Downloads\mouse-jiggler_6qif-E1.exe" /SPAWNWND=$A0342 /NOTIFYWND=$8039E
Path: C:\Users\admin\AppData\Local\Temp\is-TD1FP.tmp\mouse-jiggler_6qif-E1.tmp
Parent process: mouse-jiggler_6qif-E1.exe
User: admin
Company:
Integrity Level: HIGH
Description: Setup/Uninstall
Exit code: 0
Version: 51.1052.0.0
Modules (images):
  • c:\users\admin\appdata\local\temp\is-td1fp.tmp\mouse-jiggler_6qif-e1.tmp
  • c:\windows\system32\ntdll.dll
  • c:\windows\syswow64\ntdll.dll
  • c:\windows\system32\wow64.dll
  • c:\windows\system32\wow64win.dll
  • c:\windows\system32\wow64cpu.dll
  • c:\windows\syswow64\kernel32.dll
  • c:\windows\syswow64\kernelbase.dll
  • c:\windows\syswow64\apphelp.dll
  • c:\windows\syswow64\comdlg32.dll
PID: 1132
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2440 --field-trial-handle=2364,i,15164059470657834100,8625259439938279323,262144 --variations-seed-version /prefetch:3
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules (images):
  • c:\program files (x86)\microsoft\edge\application\msedge.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\windows\system32\apphelp.dll
  • c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
  • c:\windows\system32\oleaut32.dll
  • c:\windows\system32\msvcp_win.dll
  • c:\windows\system32\ucrtbase.dll
  • c:\windows\system32\combase.dll
PID: 1356
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5108 --field-trial-handle=1908,i,4256044247954027599,5222586296581500277,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version /prefetch:1
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: LOW
Description: Google Chrome
Version: 122.0.6261.70
Modules (images):
  • c:\program files\google\chrome\application\chrome.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\windows\system32\apphelp.dll
  • c:\windows\system32\aclayers.dll
  • c:\windows\system32\msvcrt.dll
  • c:\windows\system32\user32.dll
  • c:\windows\system32\win32u.dll
  • c:\windows\system32\gdi32.dll
PID: 1436
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5712 --field-trial-handle=2420,i,18200277102453748422,4963416867303494975,262144 --variations-seed-version /prefetch:8
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules (images):
  • c:\program files (x86)\microsoft\edge\application\msedge.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
  • c:\windows\system32\oleaut32.dll
  • c:\windows\system32\msvcp_win.dll
  • c:\windows\system32\ucrtbase.dll
  • c:\windows\system32\combase.dll
  • c:\windows\system32\rpcrt4.dll
PID: 1556
CMD: "C:\Users\admin\Downloads\mouse-jiggler.exe"
Path: C:\Users\admin\Downloads\mouse-jiggler.exe
Parent process: file_6qif-E1.tmp
User: admin
Company: Arkane Systems
Integrity Level: HIGH
Description: MouseJiggler
Exit code: 2147516547
Version: 2.0.25
Modules (images):
  • c:\users\admin\downloads\mouse-jiggler.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\windows\system32\apphelp.dll
  • c:\windows\system32\user32.dll
  • c:\windows\system32\win32u.dll
  • c:\windows\system32\gdi32.dll
  • c:\windows\system32\gdi32full.dll
  • c:\windows\system32\msvcp_win.dll
PID: 1556
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4160 --field-trial-handle=2420,i,18200277102453748422,4963416867303494975,262144 --variations-seed-version /prefetch:8
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules (images):
  • c:\program files (x86)\microsoft\edge\application\msedge.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
  • c:\windows\system32\oleaut32.dll
  • c:\windows\system32\msvcp_win.dll
  • c:\windows\system32\ucrtbase.dll
  • c:\windows\system32\combase.dll
  • c:\windows\system32\rpcrt4.dll
PID: 1744
CMD: "C:\Users\admin\Downloads\mouse-jiggler_6qif-E1.exe"
Path: C:\Users\admin\Downloads\mouse-jiggler_6qif-E1.exe
Parent process: chrome.exe
User: admin
Company:
Integrity Level: MEDIUM
Description: Setup
Exit code: 0
Version: 4.78.2
Modules (images):
  • c:\users\admin\downloads\mouse-jiggler_6qif-e1.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\syswow64\ntdll.dll
  • c:\windows\system32\wow64.dll
  • c:\windows\system32\wow64win.dll
  • c:\windows\system32\wow64cpu.dll
  • c:\windows\syswow64\kernel32.dll
  • c:\windows\syswow64\kernelbase.dll
  • c:\windows\syswow64\user32.dll
  • c:\windows\syswow64\win32u.dll
PID: 1744
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2416 --field-trial-handle=2420,i,18200277102453748422,4963416867303494975,262144 --variations-seed-version /prefetch:2
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Version: 122.0.2365.59
Modules (images):
  • c:\program files (x86)\microsoft\edge\application\msedge.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
  • c:\windows\system32\oleaut32.dll
  • c:\windows\system32\msvcp_win.dll
  • c:\windows\system32\ucrtbase.dll
  • c:\windows\system32\combase.dll
  • c:\windows\system32\rpcrt4.dll
PID: 1944
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --disable-quic --no-appcompat-clear --mojo-platform-channel-handle=5764 --field-trial-handle=1908,i,4256044247954027599,5222586296581500277,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version /prefetch:8
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: MEDIUM
Description: Google Chrome
Exit code: 0
Version: 122.0.6261.70
Modules (images):
  • c:\program files\google\chrome\application\chrome.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\windows\system32\apphelp.dll
  • c:\windows\system32\aclayers.dll
  • c:\windows\system32\msvcrt.dll
  • c:\windows\system32\user32.dll
  • c:\windows\system32\win32u.dll
  • c:\windows\system32\gdi32.dll
PID: 2612
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.59 --initial-client-data=0x264,0x23c,0x25c,0x238,0x31c,0x7fffd3755fd8,0x7fffd3755fe4,0x7fffd3755ff0
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules (images):
  • c:\program files (x86)\microsoft\edge\application\msedge.exe
  • c:\windows\system32\ntdll.dll
  • c:\windows\system32\kernel32.dll
  • c:\windows\system32\kernelbase.dll
  • c:\windows\system32\apphelp.dll
  • c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
  • c:\windows\system32\oleaut32.dll
  • c:\windows\system32\msvcp_win.dll
  • c:\windows\system32\ucrtbase.dll
  • c:\windows\system32\combase.dll
Total events: 18 425
Read events: 18 359
Write events: 55
Delete events: 11

Modification events

(PID) Process: (5732) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write | Name: failed_count | Value: 0

(PID) Process: (5732) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write | Name: state | Value: 2

(PID) Process: (5732) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write | Name: state | Value: 1

(PID) Process: (5732) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\StabilityMetrics
Operation: write | Name: user_experience_metrics.stability.exited_cleanly | Value: 0

(PID) Process: (5732) chrome.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
Operation: write | Name: usagestats | Value: 0

(PID) Process: (1944) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
Operation: write | Name: {2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF | Value: 0100000000000000BB2AA33D6B00DB01

(PID) Process: (6204) file_6qif-E1.tmp
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
Operation: write | Name: Owner | Value: 3C18000041C8CF466B00DB01

(PID) Process: (6204) file_6qif-E1.tmp
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
Operation: write | Name: SessionHash | Value: EC768680A8B79568A64E88536B1AD90222DFA8EE4E33D2FDD77554009B163A55

(PID) Process: (6204) file_6qif-E1.tmp
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
Operation: write | Name: Sequence | Value: 1

(PID) Process: (6204) file_6qif-E1.tmp
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
Operation: delete value | Name: Sequence | Value:

Executable files: 22
Suspicious files: 605
Text files: 168
Unknown types: 14

Dropped files

PID | Process | Filename | Type | MD5 | SHA256
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\chrome_cart_db\LOG.old | | |
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\PersistentOriginTrials\LOG.old | | |
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\parcel_tracking_db\LOG.old | | |
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old~RF12b946.TMP | | |
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old | | |
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\coupon_db\LOG.old~RF12b955.TMP | | |
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\discounts_db\LOG.old | | |
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\coupon_db\LOG.old | | |
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat | binary | FC81892AC822DCBB09441D3B58B47125 | FB077C966296D02D50CCBF7F761D2A3311A206A784A7496F331C2B0D6AD205C8
5732 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\739f1e55-f8e5-4869-804b-cfcafef1dcac.tmp | binary | 5058F1AF8388633F609CADB75A75DC9D |
HTTP(S) requests: 108
TCP/UDP connections: 148
DNS requests: 177
Threats: 2

HTTP requests

PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation
2120 | MoUsoCoreWorker.exe | GET | 200 | 23.35.229.160:80 | http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl | unknown | | | whitelisted
1764 | svchost.exe | GET | 200 | 192.229.221.95:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | | | whitelisted
6412 | SIHClient.exe | GET | 200 | 23.32.185.131:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl | unknown | | | whitelisted
6412 | SIHClient.exe | GET | 200 | 23.32.185.131:80 | http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl | unknown | | | whitelisted
5732 | chrome.exe | GET | 200 | 34.237.184.165:80 | http://ocsps.ssl.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQMDtATfnJO6JAXDQoHl8pAaJdhTQQU3QQJB6L1en1SUxKSle44gCUNplkCEFt%2FVDgl5BqhKt4hQ5zf5m8%3D | unknown | | | whitelisted
5732 | chrome.exe | GET | 200 | 34.237.184.165:80 | http://ocsps.ssl.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQMDtATfnJO6JAXDQoHl8pAaJdhTQQU3QQJB6L1en1SUxKSle44gCUNplkCEFt%2FVDgl5BqhKt4hQ5zf5m8%3D | unknown | | | whitelisted
5732 | chrome.exe | GET | 200 | 18.239.36.85:80 | http://crls.ssl.com/ssl.com-rsa-RootCA.crl | unknown | | | whitelisted
5732 | chrome.exe | GET | 200 | 34.237.184.165:80 | http://ocsps.ssl.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS0UJ9%2FZn2kc3RfVu9A%2FfyFSdQVAwQURPou5oAhpEaXDmroM7xTEWZNqbkCEF4bdHMJUrH6Pg1KnFCo2r4%3D | unknown | | | whitelisted
5732 | chrome.exe | GET | 200 | 95.101.111.144:80 | http://sslcom.ocsp-certum.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBTYOkzrrCGQj08njZXbUQQpkoUmuQQUCHbNywf%2FJPbFze27kLzihDdGdfcCEQDkJwSV9oyR1tDse0lOpN8c | unknown | | | whitelisted
5732 | chrome.exe | GET | 200 | 18.239.36.85:80 | http://crls.ssl.com/DTNT-Intermediate-codeSigning-RSA-4096-R2.crl | unknown | | | whitelisted

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
6232 | svchost.exe | 20.73.194.208:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted
1148 | RUXIMICS.exe | 20.73.194.208:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted
 | | 20.73.194.208:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted
2120 | MoUsoCoreWorker.exe | 23.35.229.160:80 | www.microsoft.com | AKAMAI-AS | DE | whitelisted
4 | System | 192.168.100.255:138 | | | | whitelisted
3888 | svchost.exe | 239.255.255.250:1900 | | | | whitelisted
3260 | svchost.exe | 40.113.103.199:443 | client.wns.windows.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted
1764 | svchost.exe | 40.126.32.140:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted
1764 | svchost.exe | 192.229.221.95:80 | ocsp.digicert.com | EDGECAST | US | whitelisted
5732 | chrome.exe | 239.255.255.250:1900 | | | | whitelisted

DNS requests

Domain | IP | Reputation
settings-win.data.microsoft.com | 20.73.194.208, 51.124.78.146 | whitelisted
www.microsoft.com | 23.35.229.160, 23.32.185.131 | whitelisted
google.com | 142.250.185.174 | whitelisted
client.wns.windows.com | 40.113.103.199 | whitelisted
login.live.com | 40.126.32.140, 40.126.32.133, 40.126.32.76, 40.126.32.136, 20.190.160.20, 20.190.160.17, 40.126.32.74, 40.126.32.68, 20.190.160.14, 40.126.32.134, 40.126.32.138, 40.126.32.72, 20.190.160.22 | whitelisted
ocsp.digicert.com | 192.229.221.95 | whitelisted
mouse-jiggler.en.download.it | 172.67.26.92, 104.22.56.224, 104.22.57.224 | unknown
accounts.google.com | 64.233.166.84 | whitelisted
cdn.download.it | 104.22.57.224, 104.22.56.224, 172.67.26.92 | whitelisted
fonts.googleapis.com | 142.250.186.138 | whitelisted

Threats

PID | Process | Class | Message
6204 | file_6qif-E1.tmp | Potential Corporate Privacy Violation | ET POLICY PE EXE or DLL Windows file download HTTP
6204 | file_6qif-E1.tmp | Possibly Unwanted Program Detected | ADWARE [ANY.RUN] InnoSetup Installer
Debug messages

Process | Message
mouse-jiggler.exe | A fatal error occurred. The required library hostfxr.dll could not be found. If this is a self-contained application, that library should exist in [C:\Users\admin\Downloads\]. If this is a framework-dependent application, install the runtime in the global location [C:\Program Files\dotnet] or use the DOTNET_ROOT environment variable to specify the runtime location or register the runtime location in [HKLM\SOFTWARE\dotnet\Setup\InstalledVersions\x64\InstallLocation].
mouse-jiggler.exe | The .NET runtime can be found at:
mouse-jiggler.exe | - https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win10-x64&apphost_version=5.0.4