File name:

Edge____19_416756.exe

Full analysis: https://app.any.run/tasks/b4a42d36-c4ce-44f2-a4f2-68436f1cf9b6
Verdict: Malicious activity
Threats:

Adware is a form of malware that targets users with unwanted advertisements, often disrupting their browsing experience. It typically infiltrates systems through software bundling, malicious websites, or deceptive downloads. Once installed, it may track user activity, collect sensitive data, and display intrusive ads, including pop-ups or banners. Some advanced adware variants can bypass security measures and establish persistence on devices, making removal challenging. Additionally, adware can create vulnerabilities that other malware can exploit, posing a significant risk to user privacy and system security.

Malware Trends Tracker     >>>
Analysis date: September 07, 2024, 09:55:39
OS: Windows 10 Professional (build: 19045, 64 bit)
Tags:
adware
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

EA6810E51B21867F42C2DC3C485EF68E

SHA1:

DD2732626C4512FF161F76B9F08F56F5027DEC0A

SHA256:

6385D6449F490E42E0F37346ABE0E098846B38A210E46B66CC51C1E56414E289

SSDEEP:

196608:zQnerIUpTt3Zy8PLg//zgpytdDAFwLpOTTKhTbku:zQnmIUpJgcLWgytoeCETbx

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Process drops legitimate windows executable

      • Edge____19_416756.exe (PID: 3800)

    • Uses TASKKILL.EXE to kill process

      • Edge____19_416756.exe (PID: 3800)

    • The process drops C-runtime libraries

      • Edge____19_416756.exe (PID: 3800)

    • Executable content was dropped or overwritten

      • Edge____19_416756.exe (PID: 3800)

    • Process requests binary or script from the Internet

      • Edge____19_416756.exe (PID: 3800)

    • Creates a software uninstall entry

      • Edge____19_416756.exe (PID: 3800)

    • Reads security settings of Internet Explorer

      • Edge____19_416756.exe (PID: 3800)
      • FLMgrTray.exe (PID: 1140)
      • FLServer.exe (PID: 6540)

    • Creates file in the systems drive root

      • explorer.exe (PID: 5816)

    • Searches for installed software

      • FLMgrTray.exe (PID: 1140)
      • FLServer.exe (PID: 6540)

    • Access to an unwanted program domain was detected

      • FLServer.exe (PID: 6540)
      • FLMgrTray.exe (PID: 1140)

    • Executes as Windows Service

      • FLServer.exe (PID: 6540)

  • INFO

    • Reads the software policy settings

      • Edge____19_416756.exe (PID: 3800)

    • Checks supported languages

      • Edge____19_416756.exe (PID: 3800)
      • FLMgrTray.exe (PID: 1140)
      • FLServer.exe (PID: 6540)
      • FLMgrTray.exe (PID: 1496)

    • Creates files or folders in the user directory

      • Edge____19_416756.exe (PID: 3800)

    • Reads the computer name

      • Edge____19_416756.exe (PID: 3800)
      • FLMgrTray.exe (PID: 1140)
      • FLServer.exe (PID: 6540)

    • Reads the machine GUID from the registry

      • Edge____19_416756.exe (PID: 3800)
      • FLMgrTray.exe (PID: 1140)

    • Create files in a temporary directory

      • Edge____19_416756.exe (PID: 3800)

    • The process uses the downloaded file

      • Edge____19_416756.exe (PID: 3800)

    • Process checks computer location settings

      • Edge____19_416756.exe (PID: 3800)

    • Reads security settings of Internet Explorer

      • explorer.exe (PID: 5816)

    • Sends debugging messages

      • FLMgrTray.exe (PID: 1140)
      • FLMgrTray.exe (PID: 1496)

    • Checks proxy server information

      • FLMgrTray.exe (PID: 1140)

    • Reads Microsoft Office registry keys

      • explorer.exe (PID: 5816)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable (generic) (52.9)
.exe | Generic Win/DOS Executable (23.5)
.exe | DOS Executable Generic (23.5)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2023:06:26 09:04:02+00:00
ImageFileCharacteristics: No relocs, Executable, 32-bit
PEType: PE32
LinkerVersion: 14.16
CodeSize: 4257280
InitializedDataSize: 16945664
UninitializedDataSize: -
EntryPoint: 0x19ae79
OSVersion: 5.1
ImageVersion: -
SubsystemVersion: 5.1
Subsystem: Windows GUI
FileVersionNumber: 1.0.7.17
ProductVersionNumber: 1.0.7.17
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Windows NT 32-bit
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Chinese (Simplified)
CharacterSet: Unicode
CompanyName: -
FileDescription:
FileVersion: 1.0.7.17
LegalCopyright: Copyright (C) 2022
OriginalFileName: winManager.exe
ProductVersion: 1.0.7.17
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
137
Monitored processes
24
Malicious processes
2
Suspicious processes
1

Behavior graph

Click at the process to see the details
start edge____19_416756.exe sc.exe no specs sc.exe no specs conhost.exe no specs taskkill.exe no specs conhost.exe no specs taskkill.exe no specs conhost.exe no specs taskkill.exe no specs conhost.exe no specs conhost.exe no specs sc.exe no specs sc.exe no specs conhost.exe no specs conhost.exe no specs explorer.exe no specs explorer.exe no specs rundll32.exe no specs flmgrtray.exe sc.exe no specs conhost.exe no specs flserver.exe flmgrtray.exe edge____19_416756.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
1140C:\Users\admin\AppData\Local\winManager\FLMgrTray.exe C:\Users\admin\AppData\Local\winManager\FLMgrTray.exe
Edge____19_416756.exe
User:
admin
Integrity Level:
HIGH
Version:
1.0.1.1
Modules
Images
c:\users\admin\appdata\local\winmanager\flmgrtray.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
1496 C:\Users\admin\AppData\Local\winManager\FLMgrTray.exe
FLServer.exe
User:
admin
Integrity Level:
HIGH
Exit code:
0
Version:
1.0.1.1
Modules
Images
c:\users\admin\appdata\local\winmanager\flmgrtray.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\user32.dll
c:\windows\syswow64\win32u.dll
2096sc stop SoftUpdateSrvC:\Windows\SysWOW64\sc.exeEdge____19_416756.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Service Control Manager Configuration Tool
Exit code:
1060
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\sc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
2508\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exesc.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
3244sc description SoftUpdateSrv "为软件提供基础更新服务"C:\Windows\SysWOW64\sc.exeEdge____19_416756.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Service Control Manager Configuration Tool
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\sc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
3332sc delete SoftUpdateSrvC:\Windows\SysWOW64\sc.exeEdge____19_416756.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Service Control Manager Configuration Tool
Exit code:
1060
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\sc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
3568\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exesc.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
3800"C:\Users\admin\Desktop\Edge____19_416756.exe" C:\Users\admin\Desktop\Edge____19_416756.exe
explorer.exe
User:
admin
Company:
-
Integrity Level:
HIGH
Description:
Exit code:
0
Version:
1.0.7.17
Modules
Images
c:\users\admin\desktop\edge____19_416756.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
3908\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exesc.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
4064\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exetaskkill.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
Total events
15 385
Read events
15 339
Write events
45
Delete events
1

Modification events

(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\winManager
Operation:writeName:upSwitch
Value:
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\winManager
Operation:writeName:userHash
Value:
73de7f80daa897be4d0d0dff40624186
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\winManager
Operation:writeName:userTime
Value:
19973
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\winManager
Operation:writeName:nameType
Value:
1
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winManager
Operation:writeName:DisplayName
Value:
WindSoul软件管家
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winManager
Operation:writeName:UninstallString
Value:
C:\Users\admin\AppData\Local\winManager\leave.exe
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winManager
Operation:writeName:DisplayVersion
Value:
1.0.7.17
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winManager
Operation:writeName:DisplayIcon
Value:
C:\Users\admin\AppData\Local\winManager\winManager.exe
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winManager
Operation:writeName:InstallDir
Value:
C:\Users\admin\AppData\Local\winManager
(PID) Process:(3800) Edge____19_416756.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winManager
Operation:writeName:Publisher
Value:
WindSoul软件管家
Executable files
74
Suspicious files
3
Text files
1
Unknown types
0

Dropped files

PID
Process
Filename
Type
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-debug-l1-1-0.dllexecutable
MD5:FE7E3A0FE5CD4D960B208DB3F19F1945
SHA256:6CE67FA67155EC601F42FEACD7FAF91A7DD9BD81070A5BCCF0BD12B4D8563B83
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\Temp\rLHKHj4o8fukEU1l\target.pngimage
MD5:A8C1BD0F7FE7AC62AC42F7A7EA276659
SHA256:206A496C94A5D5C6FF0E2D51A347E7EA91AF84AFC8F465AD99D49FFAEAA536A3
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-file-l1-2-0.dllexecutable
MD5:6E4AF6C8B50295CE9D2C7C89F6827334
SHA256:BE76CE72975A4E917325DB17410E50EC006BCD95432197370E601DC00E81444A
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-errorhandling-l1-1-0.dllexecutable
MD5:91E6C1406BD499FF4B941D133D1898AF
SHA256:BCCAD347EFCCC5E791929E30DC3ABAFAAB636CDCF23A7B68F3DEED016DD32083
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-datetime-l1-1-0.dllexecutable
MD5:75D6DB7F779C887EE80962C18A411500
SHA256:51EAAAB1E5955DEDB71E27E77F8BAE0F960969487D115C53F38955ED7F34935F
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-fibers-l1-1-0.dllexecutable
MD5:2ABB9BC8F00A5AD6EF2D6E4BE2B14ECF
SHA256:D151BECE745A4749C3C117DB0DFB61CCB2E2742C72D9B0F1DB49E70EE0239DD3
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-file-l1-1-0.dllexecutable
MD5:070EFDCECB04C8CC7E1A8DED9A220940
SHA256:A4C20AFE0F39CC27BBD55F98F94057CA8FD2BA72B920FE0F70F0742B26559D76
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-localization-l1-2-0.dllexecutable
MD5:1F41511531BBF040F80DCEBE78155894
SHA256:D4A2127300B6AF2E0DABE99BA7D72E6C852800666BD0E8C157553EBD43BB9BDA
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-heap-l1-1-0.dllexecutable
MD5:FF8026DAB5D3DABCA8F72B6FA7D258FA
SHA256:535E9D20F00A2F1A62F843A4A26CFB763138D5DFE358B0126D33996FBA9CA4D1
3800Edge____19_416756.exeC:\Users\admin\AppData\Local\winManager\api-ms-win-core-interlocked-l1-1-0.dllexecutable
MD5:0BDC5D21A0F3A13FFA5C88A939C8C94C
SHA256:B7BAAD7A6A3CF241CC00AFA0D126E68C1B0E42CC563335F74372C323CFEFD4A7
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
29
TCP/UDP connections
36
DNS requests
11
Threats
3

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
7072
svchost.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
2120
MoUsoCoreWorker.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
3800
Edge____19_416756.exe
GET
200
123.57.49.36:80
http://api.flmgr.net/v1/client/theme?User=73de7f80daa897be4d0d0dff40624186&Ver=1.0.7.17&Winver=10.0&Softid=416756&Webid=19
unknown
unknown
3800
Edge____19_416756.exe
GET
200
123.57.49.36:80
http://api.flmgr.net/log/client/site_soft?Action=open&User=73de7f80daa897be4d0d0dff40624186&ChannelCode=19&Ver=1.0.7.17&OsVer=10.0&Sdsoft=0&Softid=416756&Filename=Edge____19_416756.exe&Checks=1&Err=0
unknown
unknown
3800
Edge____19_416756.exe
GET
200
123.57.49.36:80
http://api.flmgr.net/v1/api/system?User=73de7f80daa897be4d0d0dff40624186&Ver=1.0.7.17&Winver=10.0&Webid=19
unknown
unknown
3800
Edge____19_416756.exe
POST
200
60.205.148.178:80
http://api.nasyeo.com/log/next
unknown
unknown
3800
Edge____19_416756.exe
POST
200
123.57.49.36:80
http://api.flmgr.net/v1/client/configs
unknown
unknown
3800
Edge____19_416756.exe
POST
200
60.205.148.178:80
http://api.nasyeo.com/api/info
unknown
unknown
3800
Edge____19_416756.exe
GET
301
118.123.207.180:80
http://www2.aldeee.com/api/ryapi?webid=19&softid=416756&token=9cae809a9ccf65c2c1417af27248851e
unknown
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:138
whitelisted
7072
svchost.exe
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
2120
MoUsoCoreWorker.exe
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
239.255.255.250:1900
whitelisted
3800
Edge____19_416756.exe
123.57.49.36:80
api.flmgr.net
Hangzhou Alibaba Advertising Co.,Ltd.
CN
unknown
3800
Edge____19_416756.exe
60.205.148.178:80
api.nasyeo.com
Hangzhou Alibaba Advertising Co.,Ltd.
CN
unknown
3800
Edge____19_416756.exe
118.123.207.180:80
www2.aldeee.com
CHINANET SiChuan Telecom Internet Data Center
CN
unknown

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 51.104.136.2
  • 40.127.240.158
whitelisted
google.com
  • 142.250.186.78
whitelisted
www.microsoft.com
  • 184.30.21.171
whitelisted
api.flmgr.net
  • 123.57.49.36
unknown
api.nasyeo.com
  • 60.205.148.178
unknown
www2.aldeee.com
  • 118.123.207.180
  • 118.123.207.182
  • 218.60.100.171
  • 221.194.141.166
  • 120.221.252.91
  • 115.223.9.116
  • 115.223.9.113
  • 61.54.86.165
  • 61.54.86.167
  • 120.221.252.95
  • 218.60.100.165
unknown
semsrc.51xiazai.cn
  • 120.52.95.239
  • 218.12.76.169
unknown
d1.51xiazai.cn
  • 218.12.76.155
  • 218.12.76.157
  • 120.52.95.247
  • 120.52.95.246
unknown
static.flmgr.net
  • 118.123.207.182
  • 61.54.86.165
  • 115.223.9.113
  • 120.221.252.95
  • 61.54.86.167
  • 120.221.252.91
  • 221.194.141.166
  • 218.60.100.171
  • 218.60.100.165
  • 118.123.207.180
  • 115.223.9.116
unknown
www.baidu.com
  • 103.235.46.96
  • 103.235.47.188
whitelisted

Threats

PID
Process
Class
Message
1140
FLMgrTray.exe
Possibly Unwanted Program Detected
ET ADWARE_PUP User-Agent (User-Agent Mozilla/4.0 (compatible ))
6540
FLServer.exe
Possibly Unwanted Program Detected
ET ADWARE_PUP User-Agent (User-Agent Mozilla/4.0 (compatible ))
1140
FLMgrTray.exe
Possibly Unwanted Program Detected
ET ADWARE_PUP User-Agent (User-Agent Mozilla/4.0 (compatible ))
Process
Message
FLMgrTray.exe
[] FLMgrTray start!
FLMgrTray.exe
[] [ERROR!!!] FLMgrTray is Exist!
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
Edge____19_416756.exe