File name:

AntiPublic Cracked by MaslovKK.zip

Full analysis: https://app.any.run/tasks/9bdccb44-f7b0-4b5a-8922-ca92c90672aa
Verdict: Malicious activity
Threats:

A loader is malicious software that infiltrates devices to deliver malicious payloads. This malware is capable of infecting victims’ computers, analyzing their system information, and installing other types of threats, such as trojans or stealers. Criminals usually deliver loaders through phishing emails and links by relying on social engineering to trick users into downloading and running their executables. Loaders employ advanced evasion and persistence tactics to avoid detection.

Analysis date: May 02, 2020, 21:43:23
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags: loader
Indicators:
MIME: application/zip
File info: Zip archive data, at least v1.0 to extract
MD5: 96AB7C6F9982A79CC9BE9D75D6ABBA4D
SHA1: 08ECB0AA4CDF871A8C20511DEEC852AE66BDEC1C
SHA256: 43E2B96B296BDF675BBF56AD4709E55F09192D8A52F28DFDC6D8259855B22A75
SSDEEP: 24576:jRKj/DpOaxUsoogrn/bP46U2sogJRRzOljziZ1MCpeA/xRzQVdpOaxUUoogrn/bM:jRA/D8axMogrn/youbKpzK1MCEA/xRzE

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Loads dropped or rewritten executable

      • SearchProtocolHost.exe (PID: 744)
      • AntiPublic.exe (PID: 3052)
      • AntiPublic.exe (PID: 2884)
      • AntiPublic.exe (PID: 3080)
      • AntiPublic Updater.exe (PID: 3504)
      • AntiPublic.exe (PID: 3964)
      • AntiPublic.exe (PID: 3720)
      • AntiPublic.exe (PID: 3740)
      • AntiPublic Updater.exe (PID: 1092)
      • AntiPublic.exe (PID: 3676)
    • Application was dropped or rewritten from another process

      • AntiPublic.exe (PID: 2884)
      • AntiPublic Updater.exe (PID: 3504)
      • AntiPublic.exe (PID: 3720)
      • AntiPublic Updater.exe (PID: 1092)
      • AntiPublic.exe (PID: 3740)
      • AntiPublic.exe (PID: 3676)
    • Downloads executable files from the Internet

      • AntiPublic Updater.exe (PID: 3504)
      • AntiPublic Updater.exe (PID: 1092)
  • SUSPICIOUS

    • Starts Internet Explorer

      • AntiPublic.exe (PID: 3052)
      • AntiPublic.exe (PID: 3080)
      • AntiPublic.exe (PID: 3964)
      • AntiPublic.exe (PID: 3740)
    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 3428)
      • AntiPublic Updater.exe (PID: 3504)
      • AntiPublic Updater.exe (PID: 1092)
    • Reads Environment values

      • AntiPublic.exe (PID: 2884)
      • AntiPublic.exe (PID: 3720)
      • AntiPublic.exe (PID: 3740)
      • AntiPublic.exe (PID: 3676)
  • INFO

    • Manual execution by user

      • AntiPublic.exe (PID: 3052)
      • WinRAR.exe (PID: 3428)
      • AntiPublic.exe (PID: 2884)
      • AntiPublic.exe (PID: 3080)
      • AntiPublic Updater.exe (PID: 3504)
      • AntiPublic.exe (PID: 3964)
      • AntiPublic Updater.exe (PID: 1092)
      • AntiPublic.exe (PID: 3676)
    • Reads Internet Cache Settings

      • iexplore.exe (PID: 3864)
      • iexplore.exe (PID: 2872)
      • iexplore.exe (PID: 3664)
      • iexplore.exe (PID: 3988)
      • iexplore.exe (PID: 2356)
      • iexplore.exe (PID: 3132)
      • iexplore.exe (PID: 2456)
      • iexplore.exe (PID: 1912)
    • Changes internet zones settings

      • iexplore.exe (PID: 3864)
      • iexplore.exe (PID: 3664)
      • iexplore.exe (PID: 2356)
      • iexplore.exe (PID: 2456)
    • Creates files in the user directory

      • iexplore.exe (PID: 2872)
      • iexplore.exe (PID: 3988)
    • Application launched itself

      • iexplore.exe (PID: 3664)
      • iexplore.exe (PID: 2456)
    • Reads settings of System Certificates

      • iexplore.exe (PID: 2872)
      • iexplore.exe (PID: 2356)
      • iexplore.exe (PID: 3988)
      • iexplore.exe (PID: 3664)
      • iexplore.exe (PID: 1912)
    • Reads internet explorer settings

      • iexplore.exe (PID: 3988)
      • iexplore.exe (PID: 3132)
    • Changes settings of System certificates

      • iexplore.exe (PID: 2356)
      • iexplore.exe (PID: 3664)
    • Adds / modifies Windows certificates

      • iexplore.exe (PID: 3664)
      • iexplore.exe (PID: 2356)
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 10
ZipBitFlag: -
ZipCompression: None
ZipModifyDate: 2020:05:02 16:08:29
ZipCRC: 0x00000000
ZipCompressedSize: -
ZipUncompressedSize: -
ZipFileName: AntiPublic Cracked by MaslovKK/
No data.
All screenshots are available in the full report
Total processes: 64
Monitored processes: 20
Malicious processes: 10
Suspicious processes: 0

Behavior graph

start drop and start drop and start winrar.exe no specs antipublic.exe iexplore.exe no specs iexplore.exe winrar.exe searchprotocolhost.exe no specs antipublic.exe antipublic.exe iexplore.exe iexplore.exe antipublic updater.exe antipublic.exe antipublic.exe iexplore.exe iexplore.exe antipublic updater.exe antipublic.exe iexplore.exe no specs iexplore.exe antipublic.exe

Process information

PID
CMD
Path
Indicators
Parent process
PID: 744
CMD: "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
Path: C:\Windows\System32\SearchProtocolHost.exe
Parent process: SearchIndexer.exe
User: SYSTEM
Company: Microsoft Corporation
Integrity Level: SYSTEM
Description: Microsoft Windows Search Protocol Host
Exit code: 0
Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\searchprotocolhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
PID: 1092
CMD: "C:\Users\admin\Desktop\AntiPublic Cracked by MaslovKK\AntiPublic Updater.exe"
Path: C:\Users\admin\Desktop\AntiPublic Cracked by MaslovKK\AntiPublic Updater.exe
Parent process: explorer.exe
User: admin
Company: Newtonsoft
Integrity Level: MEDIUM
Description: Json.NET
Exit code: 0
Version: 9.0.1.19813
Modules
Images
c:\users\admin\desktop\antipublic cracked by maslovkk\antipublic updater.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
PID: 1912
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2456 CREDAT:267521 /prefetch:2
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Internet Explorer
Exit code: 0
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
PID: 2356
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" http://bit.ly/antipublic-buy
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: AntiPublic.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Internet Explorer
Exit code: 1
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
c:\windows\system32\iertutil.dll
PID: 2456
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" http://bit.ly/antipublic-buy
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: AntiPublic.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Internet Explorer
Exit code: 1
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\iertutil.dll
PID: 2872
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:3864 CREDAT:267521 /prefetch:2
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Internet Explorer
Exit code: 0
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\iertutil.dll
PID: 2884
CMD: "C:\Users\admin\Desktop\AntiPublic GetKey\AntiPublic.exe"
Path: C:\Users\admin\Desktop\AntiPublic GetKey\AntiPublic.exe
Parent process: explorer.exe
User: admin
Integrity Level: MEDIUM
Description:
Exit code: 0
Version: 0.0.0.0
Modules
Images
c:\users\admin\desktop\antipublic getkey\antipublic.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
PID: 3052
CMD: "C:\Users\admin\Desktop\AntiPublic Cracked by MaslovKK\AntiPublic.exe"
Path: C:\Users\admin\Desktop\AntiPublic Cracked by MaslovKK\AntiPublic.exe
Parent process: explorer.exe
User: admin
Integrity Level: MEDIUM
Description:
Exit code: 0
Version: 0.0.0.0
Modules
Images
c:\users\admin\desktop\antipublic cracked by maslovkk\antipublic.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
PID: 3080
CMD: "C:\Users\admin\Desktop\AntiPublic Cracked by MaslovKK\AntiPublic.exe"
Path: C:\Users\admin\Desktop\AntiPublic Cracked by MaslovKK\AntiPublic.exe
Parent process: explorer.exe
User: admin
Integrity Level: MEDIUM
Description:
Exit code: 0
Version: 0.0.0.0
Modules
Images
c:\users\admin\desktop\antipublic cracked by maslovkk\antipublic.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
PID: 3132
CMD: "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2356 CREDAT:267521 /prefetch:2
Path: C:\Program Files\Internet Explorer\iexplore.exe
Parent process: iexplore.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Internet Explorer
Exit code: 0
Version: 11.00.9600.16428 (winblue_gdr.131013-1700)
Modules
Images
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\iertutil.dll
Total events: 14 927
Read events: 4 449
Write events: 7 051
Delete events: 3 427

Modification events

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtBMP
Value:

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtIcon
Value:

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 0
Value: C:\Users\admin\Downloads\AntiPublic Cracked by MaslovKK.zip

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: name
Value: 120

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: size
Value: 80

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: type
Value: 120

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: mtime
Value: 100

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\MainWin
Operation: write
Name: Placement
Value: 2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF42000000420000000204000037020000

(PID) Process: (3284) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\General
Operation: write
Name: LastFolder
Value: C:\Users\admin\Downloads
Executable files: 11
Suspicious files: 46
Text files: 21
Unknown types: 41

Dropped files

PID
Process
Filename
Type
PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\AltoControls.dll
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\AntiPublic Updater.exe
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\AntiPublic.exe
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\AntiPublic.exe.config
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\AntiPublic.pdb
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\ConsoleRegChecker.exe
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\en\AntiPublic.resources.dll
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\GemBox.Email.dll
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\GemBox.Email.xml
MD5:
SHA256:

PID: 3284
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3284.15709\AntiPublic Cracked by MaslovKK\maslovkk.ini
MD5:
SHA256:
HTTP(S) requests: 46
TCP/UDP connections: 65
DNS requests: 24
Threats: 4

HTTP requests

PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation
3052 | AntiPublic.exe | GET | 200 | 87.98.186.90:80 | http://myrz.org/api/check.php?key=HelloWorld&plus=1 | FR | text | 69 b | whitelisted
2872 | iexplore.exe | GET | 301 | 67.199.248.11:80 | http://bit.ly/antipublic-buy | US | html | 140 b | shared
3052 | AntiPublic.exe | GET | 200 | 87.98.186.90:80 | http://myrz.org/api/check.php?key=HelloWorld&plus=1 | FR | text | 69 b | whitelisted
3080 | AntiPublic.exe | GET | 200 | 87.98.186.90:80 | http://myrz.org/api/check_updates.php?do=version | FR | text | 18 b | whitelisted
3080 | AntiPublic.exe | GET | 200 | 87.98.186.90:80 | http://myrz.org/api/check.php?key=HelloWorld&plus=1 | FR | text | 69 b | whitelisted
3988 | iexplore.exe | GET | 200 | 2.16.186.9:80 | http://isrg.trustid.ocsp.identrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRv9GhNQxLSSGKBnMArPUcsHYovpgQUxKexpHsscfrb4UuQdf%2FEFWCFiRACEAoBQUIAAAFThXNqC4Xspwg%3D | unknown | der | 1.37 Kb | whitelisted
3052 | AntiPublic.exe | GET | 200 | 87.98.186.90:80 | http://myrz.org/api/check_updates.php?do=version | FR | text | 18 b | whitelisted
3080 | AntiPublic.exe | GET | 200 | 87.98.186.90:80 | http://myrz.org/api/check.php?key=HelloWorld&plus=1 | FR | text | 69 b | whitelisted
3988 | iexplore.exe | GET | 200 | 216.58.207.35:80 | http://ocsp.pki.goog/gsr2/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBTgXIsxbvr2lBkPpoIEVRE6gHlCnAQUm%2BIHV2ccHsBqBt5ZtJot39wZhi4CDQHjtJqhjYqpgSVpULg%3D | US | der | 468 b | whitelisted
3988 | iexplore.exe | GET | 200 | 2.16.186.9:80 | http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgO1jx6iFPvf%2FPNpZohJbceW3Q%3D%3D | unknown | der | 527 b | whitelisted

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
3988 | iexplore.exe | 2.16.186.35:80 | isrg.trustid.ocsp.identrust.com | Akamai International B.V. | - | whitelisted
2872 | iexplore.exe | 67.199.248.11:80 | bit.ly | Bitly Inc | US | shared
3052 | AntiPublic.exe | 87.98.186.90:80 | myrz.org | OVH SAS | FR | suspicious
2872 | iexplore.exe | 5.196.33.238:443 | lolzteam.online | OVH SAS | NL | unknown
- | - | 5.196.33.238:443 | lolzteam.online | OVH SAS | NL | unknown
3988 | iexplore.exe | 172.217.16.170:443 | fonts.googleapis.com | Google Inc. | US | whitelisted
3988 | iexplore.exe | 209.197.3.24:443 | code.jquery.com | Highwinds Network Group, Inc. | US | malicious
3988 | iexplore.exe | 151.139.128.14:80 | ocsp.usertrust.com | Highwinds Network Group, Inc. | US | suspicious
3504 | AntiPublic Updater.exe | 87.98.186.90:80 | myrz.org | OVH SAS | FR | suspicious
3988 | iexplore.exe | 172.217.16.195:443 | fonts.gstatic.com | Google Inc. | US | whitelisted

DNS requests

Domain | IP | Reputation
myrz.org | 87.98.186.90 | whitelisted
bit.ly | 67.199.248.11, 67.199.248.10 | shared
lolzteam.online | 5.196.33.238 | unknown
isrg.trustid.ocsp.identrust.com | 2.16.186.9, 2.16.186.35 | whitelisted
ocsp.int-x3.letsencrypt.org | 2.16.186.9 | whitelisted
fonts.googleapis.com | 172.217.16.170 | whitelisted
code.jquery.com | 209.197.3.24 | whitelisted
ocsp.pki.goog | 216.58.207.35 | whitelisted
ocsp.usertrust.com | 151.139.128.14 | whitelisted
ocsp.comodoca.com | 151.139.128.14 | whitelisted

Threats

PID | Process | Class | Message
3504 | AntiPublic Updater.exe | Potential Corporate Privacy Violation | ET POLICY PE EXE or DLL Windows file download HTTP
3504 | AntiPublic Updater.exe | Potentially Bad Traffic | ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
1092 | AntiPublic Updater.exe | Potential Corporate Privacy Violation | ET POLICY PE EXE or DLL Windows file download HTTP
1092 | AntiPublic Updater.exe | Potentially Bad Traffic | ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
No debug info