File name: | MyDesk.exe |
Full analysis: | https://app.any.run/tasks/61633796-5f58-45de-ab7f-e24d91c9ce90 |
Verdict: | Malicious activity |
Analysis date: | June 12, 2019, 09:41:12 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/x-dosexec |
File info: | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5: | 049A374FD680A0C28536725F3B0ADC0B |
SHA1: | 11C721E3A8BD544B2D3A25A4A4EE598D6583B0ED |
SHA256: | 486A04BDC4ADF842A5EFADF2031FC6072A31EF599C881FC0EA93EB0E8E0B4FCF |
SSDEEP: | 12288:Jx/B1j/XUJJWeuEacT3xON1++LfMQqRScjPozfvLLY1TW/0oVyNk3tTBcH2/Ljko:LJxvU2eRacjxEE+9qRScjgzKa8g2kdT1 |
.exe | | | Win32 Executable MS Visual C++ (generic) (42.2) |
---|---|---|
.exe | | | Win64 Executable (generic) (37.3) |
.dll | | | Win32 Dynamic Link Library (generic) (8.8) |
.exe | | | Win32 Executable (generic) (6) |
.exe | | | Generic Win/DOS Executable (2.7) |
Privatebuild: | - |
---|---|
LanguageId: | en |
ProductVersion: | 1.0.0.13544 |
ProductName: | Setup |
OriginalFileName: | Setup |
LegalCopyright: | Copyright 2007-2010 SentryBay |
InternalName: | Setup |
FileVersion: | 1.0.0.13544 |
FileDescription: | Setup |
CompanyName: | SentryBay |
CharacterSet: | Unicode |
LanguageCode: | English (U.S.) |
FileSubtype: | - |
ObjectFileType: | Unknown |
FileOS: | Win32 |
FileFlags: | (none) |
FileFlagsMask: | 0x0017 |
ProductVersionNumber: | 1.0.0.13544 |
FileVersionNumber: | 1.0.0.13544 |
Subsystem: | Windows GUI |
SubsystemVersion: | 5 |
ImageVersion: | - |
OSVersion: | 5 |
EntryPoint: | 0x1000 |
UninitializedDataSize: | - |
InitializedDataSize: | 570368 |
CodeSize: | 13824 |
LinkerVersion: | 9 |
PEType: | PE32 |
TimeStamp: | 2017:11:05 21:38:33+01:00 |
MachineType: | Intel 386 or later, and compatibles |
Architecture: | IMAGE_FILE_MACHINE_I386 |
---|---|
Subsystem: | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Compilation Date: | 05-Nov-2017 20:38:33 |
Detected languages: |
|
Debug artifacts: |
|
CompanyName: | SentryBay |
FileDescription: | Setup |
FileVersion: | 1.0.0.13544 |
InternalName: | Setup |
LegalCopyright: | Copyright 2007-2010 SentryBay |
OriginalFilename: | Setup |
ProductName: | Setup |
ProductVersion: | 1.0.0.13544 |
LanguageId: | en |
Privatebuild: | - |
Magic number: | MZ |
---|---|
Bytes on last page of file: | 0x0090 |
Pages in file: | 0x0003 |
Relocations: | 0x0000 |
Size of header: | 0x0004 |
Min extra paragraphs: | 0x0000 |
Max extra paragraphs: | 0xFFFF |
Initial SS value: | 0x0000 |
Initial SP value: | 0x00B8 |
Checksum: | 0x0000 |
Initial IP value: | 0x0000 |
Initial CS value: | 0x0000 |
Overlay number: | 0x0000 |
OEM identifier: | 0x0000 |
OEM information: | 0x0000 |
Address of NE header: | 0x000000F0 |
Signature: | PE |
---|---|
Machine: | IMAGE_FILE_MACHINE_I386 |
Number of sections: | 4 |
Time date stamp: | 05-Nov-2017 20:38:33 |
Pointer to Symbol Table: | 0x00000000 |
Number of symbols: | 0 |
Size of Optional Header: | 0x00E0 |
Characteristics: |
|
Name | Virtual Address | Virtual Size | Raw Size | Charateristics | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00003415 | 0x00003600 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ | 6.45997 |
.rdata | 0x00005000 | 0x000006FA | 0x00000800 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 4.70125 |
.data | 0x00006000 | 0x000001B4 | 0x00000200 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 0.436362 |
.rsrc | 0x00007000 | 0x0008A880 | 0x0008AA00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 7.94496 |
Title | Entropy | Size | Codepage | Language | Type |
---|---|---|---|---|---|
1 | 5.09285 | 738 | Latin 1 / Western European | UNKNOWN | RT_MANIFEST |
2 | 3.89724 | 744 | Latin 1 / Western European | English - United States | RT_ICON |
3 | 3.68656 | 1640 | Latin 1 / Western European | English - United States | RT_ICON |
4 | 5.62942 | 1384 | Latin 1 / Western European | English - United States | RT_ICON |
5 | 6.58105 | 2216 | Latin 1 / Western European | English - United States | RT_ICON |
6 | 6.5168 | 3752 | Latin 1 / Western European | English - United States | RT_ICON |
7 | 6.07002 | 1128 | Latin 1 / Western European | English - United States | RT_ICON |
8 | 5.12163 | 9640 | Latin 1 / Western European | English - United States | RT_ICON |
101 | 2.87666 | 118 | Latin 1 / Western European | English - United States | RT_GROUP_ICON |
102 | 7.99967 | 524773 | Latin 1 / Western European | UNKNOWN | B |
KERNEL32.dll |
SHLWAPI.dll |
USER32.dll |
ole32.dll |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
3100 | "C:\Users\admin\AppData\Local\Temp\MyDesk.exe" | C:\Users\admin\AppData\Local\Temp\MyDesk.exe | explorer.exe | |
User: admin Company: SentryBay Integrity Level: MEDIUM Description: Setup Exit code: 0 Version: 1.0.0.13544 | ||||
3736 | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\SentryBayUpdate.exe /install "appguid={12F2FF45-4DA6-11DF-BFFB-3516A1BE09AA}&ap=live_phase3&brand=ac_creditsuisse&appname=MyDesk&needsadmin=True&installerdata=%3C%3Fxml%20version%3D%221.0%22%3F%3E%0A%3CPrePackagedLicense%20xmlns%3D%22http%3A%2F%2Fwww.sentrybay.com%2Flicense%2Fv2%22%3E%3CLicense%20Id%3D%22_92655394de191037819c4040b70e735a%22%3E%3CIssueDate%3E2019-06-12%3C%2FIssueDate%3E%3CDaysUntilExpiry%3E32767%3C%2FDaysUntilExpiry%3E%3CProduct%3ESAS%3C%2FProduct%3E%3CType%3EFull%3C%2FType%3E%3CLicensor%3Eac_creditsuisse%3C%2FLicensor%3E%3CSeats%3E1%3C%2FSeats%3E%3CReference%3Elive_phase3%3C%2FReference%3E%3C%2FLicense%3E%3Cds%3ASignature%20xmlns%3Ads%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23%22%3E%0A%20%20%3Cds%3ASignedInfo%3E%3Cds%3ACanonicalizationMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F10%2Fxml-exc-c14n%23%22%2F%3E%0A%20%20%20%20%3Cds%3ASignatureMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1%22%2F%3E%0A%20%20%3Cds%3AReference%3E%3Cds%3ATransforms%3E%3Cds%3ATransform%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23enveloped-signature%22%2F%3E%3Cds%3ATransform%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F10%2Fxml-exc-c14n%23%22%2F%3E%3C%2Fds%3ATransforms%3E%3Cds%3ADigestMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23sha1%22%2F%3E%3Cds%3ADigestValue%3EZVdeHy3ndrUBStNIr9b1C6eSaP4%3D%3C%2Fds%3ADigestValue%3E%3C%2Fds%3AReference%3E%3C%2Fds%3ASignedInfo%3E%3Cds%3ASignatureValue%3EKn8BkIGJ6UqZesSmKHpAVwpUXfjVwmchS8Q69w9fmQwlCtKQndVeDuNaqiTndqjzR9wpq%2Bmr4u%2BJ1yqe%2FpsdxJ7sbhKnicgMS%2Fr4blVYhOxoanDMQ%2FbO8Tux5S6wc314b9pX0GGbdgVZxQvqZVEPUvNFRiteQP9sBTkO%2FdkKapA%3D%3C%2Fds%3ASignatureValue%3E%0A%3C%2Fds%3ASignature%3E%3C%2FPrePackagedLicense%3E%0A%0D%0A" | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\SentryBayUpdate.exe | — | MyDesk.exe |
User: admin Company: SentryBay Integrity Level: MEDIUM Description: SentryBay Installer Exit code: 0 Version: 1.0.0.13544 | ||||
2176 | "C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\SentryBayUpdate.exe" /install "appguid={12F2FF45-4DA6-11DF-BFFB-3516A1BE09AA}&ap=live_phase3&brand=ac_creditsuisse&appname=MyDesk&needsadmin=True&installerdata=%3C%3Fxml%20version%3D%221.0%22%3F%3E%0A%3CPrePackagedLicense%20xmlns%3D%22http%3A%2F%2Fwww.sentrybay.com%2Flicense%2Fv2%22%3E%3CLicense%20Id%3D%22_92655394de191037819c4040b70e735a%22%3E%3CIssueDate%3E2019-06-12%3C%2FIssueDate%3E%3CDaysUntilExpiry%3E32767%3C%2FDaysUntilExpiry%3E%3CProduct%3ESAS%3C%2FProduct%3E%3CType%3EFull%3C%2FType%3E%3CLicensor%3Eac_creditsuisse%3C%2FLicensor%3E%3CSeats%3E1%3C%2FSeats%3E%3CReference%3Elive_phase3%3C%2FReference%3E%3C%2FLicense%3E%3Cds%3ASignature%20xmlns%3Ads%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23%22%3E%0A%20%20%3Cds%3ASignedInfo%3E%3Cds%3ACanonicalizationMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F10%2Fxml-exc-c14n%23%22%2F%3E%0A%20%20%20%20%3Cds%3ASignatureMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1%22%2F%3E%0A%20%20%3Cds%3AReference%3E%3Cds%3ATransforms%3E%3Cds%3ATransform%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23enveloped-signature%22%2F%3E%3Cds%3ATransform%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F10%2Fxml-exc-c14n%23%22%2F%3E%3C%2Fds%3ATransforms%3E%3Cds%3ADigestMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23sha1%22%2F%3E%3Cds%3ADigestValue%3EZVdeHy3ndrUBStNIr9b1C6eSaP4%3D%3C%2Fds%3ADigestValue%3E%3C%2Fds%3AReference%3E%3C%2Fds%3ASignedInfo%3E%3Cds%3ASignatureValue%3EKn8BkIGJ6UqZesSmKHpAVwpUXfjVwmchS8Q69w9fmQwlCtKQndVeDuNaqiTndqjzR9wpq%2Bmr4u%2BJ1yqe%2FpsdxJ7sbhKnicgMS%2Fr4blVYhOxoanDMQ%2FbO8Tux5S6wc314b9pX0GGbdgVZxQvqZVEPUvNFRiteQP9sBTkO%2FdkKapA%3D%3C%2Fds%3ASignatureValue%3E%0A%3C%2Fds%3ASignature%3E%3C%2FPrePackagedLicense%3E%0A%0D%0A" /installelevated | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\SentryBayUpdate.exe | SentryBayUpdate.exe | |
User: admin Company: SentryBay Integrity Level: HIGH Description: SentryBay Installer Exit code: 0 Version: 1.0.0.13544 | ||||
2460 | "C:\Program Files\SentryBay\Update\SentryBayUpdate.exe" /ig "appguid={12F2FF45-4DA6-11DF-BFFB-3516A1BE09AA}&ap=live_phase3&brand=ac_creditsuisse&appname=MyDesk&needsadmin=True&installerdata=%3C%3Fxml%20version%3D%221.0%22%3F%3E%0A%3CPrePackagedLicense%20xmlns%3D%22http%3A%2F%2Fwww.sentrybay.com%2Flicense%2Fv2%22%3E%3CLicense%20Id%3D%22_92655394de191037819c4040b70e735a%22%3E%3CIssueDate%3E2019-06-12%3C%2FIssueDate%3E%3CDaysUntilExpiry%3E32767%3C%2FDaysUntilExpiry%3E%3CProduct%3ESAS%3C%2FProduct%3E%3CType%3EFull%3C%2FType%3E%3CLicensor%3Eac_creditsuisse%3C%2FLicensor%3E%3CSeats%3E1%3C%2FSeats%3E%3CReference%3Elive_phase3%3C%2FReference%3E%3C%2FLicense%3E%3Cds%3ASignature%20xmlns%3Ads%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23%22%3E%0A%20%20%3Cds%3ASignedInfo%3E%3Cds%3ACanonicalizationMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F10%2Fxml-exc-c14n%23%22%2F%3E%0A%20%20%20%20%3Cds%3ASignatureMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1%22%2F%3E%0A%20%20%3Cds%3AReference%3E%3Cds%3ATransforms%3E%3Cds%3ATransform%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23enveloped-signature%22%2F%3E%3Cds%3ATransform%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F10%2Fxml-exc-c14n%23%22%2F%3E%3C%2Fds%3ATransforms%3E%3Cds%3ADigestMethod%20Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23sha1%22%2F%3E%3Cds%3ADigestValue%3EZVdeHy3ndrUBStNIr9b1C6eSaP4%3D%3C%2Fds%3ADigestValue%3E%3C%2Fds%3AReference%3E%3C%2Fds%3ASignedInfo%3E%3Cds%3ASignatureValue%3EKn8BkIGJ6UqZesSmKHpAVwpUXfjVwmchS8Q69w9fmQwlCtKQndVeDuNaqiTndqjzR9wpq%2Bmr4u%2BJ1yqe%2FpsdxJ7sbhKnicgMS%2Fr4blVYhOxoanDMQ%2FbO8Tux5S6wc314b9pX0GGbdgVZxQvqZVEPUvNFRiteQP9sBTkO%2FdkKapA%3D%3C%2Fds%3ASignatureValue%3E%0A%3C%2Fds%3ASignature%3E%3C%2FPrePackagedLicense%3E%0A%0D%0A" | C:\Program Files\SentryBay\Update\SentryBayUpdate.exe | SentryBayUpdate.exe | |
User: admin Company: SentryBay Integrity Level: HIGH Description: SentryBay Installer Exit code: 2147754388 Version: 1.0.0.13544 | ||||
2240 | C:\Windows\system32\msiexec.exe /V | C:\Windows\system32\msiexec.exe | services.exe | |
User: SYSTEM Company: Microsoft Corporation Integrity Level: SYSTEM Description: Windows® installer Version: 5.0.7600.16385 (win7_rtm.090713-1255) | ||||
756 | "C:\Program Files\SentryBay\Update\SentryBayUpdate.exe" /RegServer | C:\Program Files\SentryBay\Update\SentryBayUpdate.exe | — | SentryBayUpdate.exe |
User: admin Company: SentryBay Integrity Level: HIGH Description: SentryBay Installer Exit code: 0 Version: 1.0.0.13544 | ||||
3664 | "C:\Program Files\SentryBay\Update\SentryBayUpdate.exe" /svc | C:\Program Files\SentryBay\Update\SentryBayUpdate.exe | — | services.exe |
User: SYSTEM Company: SentryBay Integrity Level: SYSTEM Description: SentryBay Installer Exit code: 0 Version: 1.0.0.13544 | ||||
3712 | "C:\Program Files\SentryBay\Update\SentryBayUpdate.exe" /c | C:\Program Files\SentryBay\Update\SentryBayUpdate.exe | — | SentryBayUpdate.exe |
User: SYSTEM Company: SentryBay Integrity Level: SYSTEM Description: SentryBay Installer Exit code: 0 Version: 1.0.0.13544 | ||||
2732 | "C:\Program Files\SentryBay\Update\SentryBayUpdate.exe" /cr | C:\Program Files\SentryBay\Update\SentryBayUpdate.exe | SentryBayUpdate.exe | |
User: SYSTEM Company: SentryBay Integrity Level: SYSTEM Description: SentryBay Installer Exit code: 0 Version: 1.0.0.13544 | ||||
3036 | "C:\Program Files\SentryBay\Update\1.0.0.13544\SentryBayCrashHandler.exe" /crashhandler | C:\Program Files\SentryBay\Update\1.0.0.13544\SentryBayCrashHandler.exe | — | SentryBayUpdate.exe |
User: SYSTEM Company: SentryBay Integrity Level: SYSTEM Description: SentryBay Installer Exit code: 0 Version: 1.0.0.13544 |
PID | Process | Filename | Type | |
---|---|---|---|---|
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUTE4B2.tmp | compressed | |
MD5:E952D7293E5482039557041B0DFC0538 | SHA256:CE9DE121442DF943C98606940C5F59018D4D081656BB92CF3D75A831FACF9D55 | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\SentryBayUpdateHelper.msi | executable | |
MD5:1C16F460FC9B64C504D6CFA9EEAD1607 | SHA256:971E0A58657440E2F5650F4DF989C53B89C2C9A8363242F7C12E04D0BFCA4B9A | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\goopdateres_el.dll | executable | |
MD5:42DBA00394938BEA68AA8B44A360481D | SHA256:88C34C1927FE3D05362321E2001BC3520AD7B98D1CD7AE130D7AF9220E5DE6FA | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\goopdateres_da.dll | executable | |
MD5:51B86B2BF8538025AF9AF738F6888120 | SHA256:DDB91622854931260D64D749F1CC9024A903F99B4948A6420908AA04BD26402C | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\goopdateres_bn.dll | executable | |
MD5:44538AFEA8BACFAC8D4A447DEC4F8E8F | SHA256:7F129C39C6D3B456673552384820DECD2740B6218748DE09849F75FBC8032E1D | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\GoopdateBho.dll | executable | |
MD5:7B6F5E2F19CD825FBC57679670BE4DCE | SHA256:9EF4F92DB9A5E88B8E0254B0E73ABBDE303386549FF4C4A2053AF240A03477BD | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\SentryBayUpdate.exe | executable | |
MD5:E0D7A28A5B6881E6EC4547F7C95F8686 | SHA256:61BABAA39ED55AA04A965BB359FD8E110167509F43B375BA838DA0238E32EDBA | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\goopdateres_en-GB.dll | executable | |
MD5:452996F11B93BB8158A22BCF849F96C9 | SHA256:90A822549804FD1C2FE6B6D7A692DA10D439BEB4FD2AEA9ECE35998F3C660B47 | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\goopdateres_es.dll | executable | |
MD5:92B8ED8535AF2E1EAE9BED4588FFF4D8 | SHA256:DB4B85E7687C169E183AEAB778ED9C29D6741490FA1378AC4E5153B8B983AFA3 | |||
3100 | MyDesk.exe | C:\Users\admin\AppData\Local\Temp\GUME4B1.tmp\SentryBayCrashHandler.exe | executable | |
MD5:E0D7A28A5B6881E6EC4547F7C95F8686 | SHA256:61BABAA39ED55AA04A965BB359FD8E110167509F43B375BA838DA0238E32EDBA |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
2460 | SentryBayUpdate.exe | POST | — | 172.217.16.147:80 | http://update.sentrybay.com/update | US | — | — | whitelisted |
2460 | SentryBayUpdate.exe | POST | 404 | 172.217.16.147:80 | http://update.sentrybay.com/update | US | xml | 345 b | whitelisted |
2460 | SentryBayUpdate.exe | POST | 404 | 172.217.16.147:80 | http://update.sentrybay.com/update?w=3:An5AfAuRC08ZLQqmwekSPHgblNibdaUOLk6l4YjADxNgREKw_2uyJrUtY9iQcGNszFYlp74THfsYctQhC9O4NNuiHPivcNiDu0hGewu9MX2e7-8VFr9RR8eCdWchM00WC0WeoVyNpp1CLUIXowYDnqcont2rDMCz0HL7gyE0g7A | US | xml | 345 b | whitelisted |
2732 | SentryBayUpdate.exe | GET | 404 | 216.58.205.238:80 | http://cr-tools.clients.google.com/service/check2?appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.0.0.13544&applang=&machine=1&version=1.3.33.23&osversion=6.1&servicepack=Service%20Pack%201 | US | xml | 345 b | whitelisted |
2460 | SentryBayUpdate.exe | POST | 404 | 172.217.16.147:80 | http://update.sentrybay.com/update | US | xml | 345 b | whitelisted |
2612 | iexplore.exe | GET | 404 | 204.79.197.200:80 | http://www.bing.com/favicon.ico | US | xml | 345 b | whitelisted |
3832 | iexplore.exe | GET | 404 | 216.58.207.36:80 | http://www.google.com/support/installer/?hl=&errorcode=0x80042194&extracode1=0x00000000&extracode2=0&app=%7B12F2FF45-4DA6-11DF-BFFB-3516A1BE09AA%7D&guver=1.0.0.13544&ismachine=1&os=6.1&sp=Service%20Pack%201&iid=&brand=ac_creditsuisse&source=updatecheck&testsource=auto | US | xml | 345 b | whitelisted |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
2612 | iexplore.exe | 204.79.197.200:80 | www.bing.com | Microsoft Corporation | US | whitelisted |
2460 | SentryBayUpdate.exe | 172.217.16.147:80 | update.sentrybay.com | Google Inc. | US | malicious |
2460 | SentryBayUpdate.exe | 172.217.16.147:443 | update.sentrybay.com | Google Inc. | US | malicious |
2732 | SentryBayUpdate.exe | 216.58.205.238:80 | cr-tools.clients.google.com | Google Inc. | US | whitelisted |
3832 | iexplore.exe | 216.58.207.36:80 | www.google.com | Google Inc. | US | whitelisted |
Domain | IP | Reputation |
---|---|---|
update.sentrybay.com |
| whitelisted |
cr-tools.clients.google.com |
| whitelisted |
www.google.com |
| whitelisted |
www.bing.com |
| whitelisted |