File name:

festo fluidsim 4.2 pneumatics_eng.exe

Full analysis: https://app.any.run/tasks/0b5bee52-5957-430f-aab7-50500494da1a
Verdict: Malicious activity
Analysis date: March 04, 2024, 09:05:33
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

4C0135CA286E77BAA3936C171DA17380

SHA1:

2CCD3899E788933DB6522B9127F7B9094F6A61E1

SHA256:

6459BB7630E62F33A1CC8068659CBF1BB4C63369415C9F0C444FDA5D02155879

SSDEEP:

98304:hfJBbod1Yc9hQo+Ra43hqAAOy09gX5BM7sPte7B6Z6n+HJ7CrfKpYSMpfBhgtVT8:/Z9Jgf42KCjTcIlbQqxngb7yCp

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Drops the executable file immediately after the start

      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 3864)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)

  • SUSPICIOUS

    • Reads the Windows owner or organization settings

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)

    • Executable content was dropped or overwritten

      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)

    • Reads the Internet Settings

      • autorun.exe (PID: 880)
      • FESTO NEUMATICA.exe (PID: 1792)
      • FESTO NEUMATICA.exe (PID: 2620)

    • Reads security settings of Internet Explorer

      • autorun.exe (PID: 880)
      • FESTO NEUMATICA.exe (PID: 1792)
      • FESTO NEUMATICA.exe (PID: 2620)

  • INFO

    • Create files in a temporary directory

      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 3864)
      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 2964)
      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)
      • fl_sim_p.exe (PID: 116)
      • FESTO NEUMATICA.exe (PID: 1792)
      • Festo Fluidsim.exe (PID: 1540)
      • FESTO NEUMATICA.exe (PID: 2620)
      • Festo Fluidsim.exe (PID: 2660)

    • Checks supported languages

      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 3864)
      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 4052)
      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 2964)
      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)
      • wmpnscfg.exe (PID: 3932)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)
      • autorun.exe (PID: 2832)
      • fl_sim_p.exe (PID: 116)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • autorun.exe (PID: 2504)
      • autorun.exe (PID: 880)
      • FESTO NEUMATICA.exe (PID: 1792)
      • Festo Fluidsim.exe (PID: 1540)
      • FESTO NEUMATICA.exe (PID: 2620)
      • Festo Fluidsim.exe (PID: 2660)

    • Reads the computer name

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 4052)
      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)
      • wmpnscfg.exe (PID: 3932)
      • autorun.exe (PID: 2832)
      • autorun.exe (PID: 880)
      • autorun.exe (PID: 2504)
      • FESTO NEUMATICA.exe (PID: 1792)
      • Festo Fluidsim.exe (PID: 1540)
      • FESTO NEUMATICA.exe (PID: 2620)
      • Festo Fluidsim.exe (PID: 2660)

    • Creates files in the program directory

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)

    • Manual execution by a user

      • wmpnscfg.exe (PID: 3932)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)

    • Creates a software uninstall entry

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)

    • Creates files or folders in the user directory

      • fl_sim_p.exe (PID: 116)

    • Reads the machine GUID from the registry

      • Festo Fluidsim.exe (PID: 1540)
      • Festo Fluidsim.exe (PID: 2660)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Inno Setup installer (77.7)
.exe | Win32 Executable Delphi generic (10)
.dll | Win32 Dynamic Link Library (generic) (4.6)
.exe | Win32 Executable (generic) (3.1)
.exe | Win16/32 Executable Delphi generic (1.4)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 1992:06:19 22:22:17+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 37888
InitializedDataSize: 17920
UninitializedDataSize: -
EntryPoint: 0x9c40
OSVersion: 1
ImageVersion: 6
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 0.0.0.0
ProductVersionNumber: 0.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: This installation was built with Inno Setup.
CompanyName: FESTO, Inc.
FileDescription: FluidSIM Pneumatics V 4.2 English Setup
FileVersion:
LegalCopyright:
ProductName: FluidSIM Pneumatics V 4.2 English
ProductVersion: 4.2
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
57
Monitored processes
16
Malicious processes
3
Suspicious processes
2

Behavior graph

Click at the process to see the details
start festo fluidsim 4.2 pneumatics_eng.exe no specs festo fluidsim 4.2 pneumatics_eng.tmp no specs festo fluidsim 4.2 pneumatics_eng.exe festo fluidsim 4.2 pneumatics_eng.tmp no specs wmpnscfg.exe no specs fl_sim_p.exe no specs festo fluidsim hid-neu 2020 v3.5.exe festo fluidsim hid-neu 2020 v3.5.exe festo fluidsim hid-neu 2020 v3.5.exe autorun.exe no specs autorun.exe no specs autorun.exe no specs festo neumatica.exe no specs festo fluidsim.exe no specs festo neumatica.exe no specs festo fluidsim.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
116"C:\Program Files\Didactic\fl_sim_p4.en\bin\fl_sim_p.exe"C:\Program Files\Didactic\fl_sim_p4.en\bin\fl_sim_p.exefesto fluidsim 4.2 pneumatics_eng.tmp
User:
admin
Company:
Art Systems Software GmbH, Festo Didactic GmbH & Co. KG
Integrity Level:
MEDIUM
Description:
FluidSIM - Fluidics Simulation Program
Exit code:
0
Version:
4, 2, 16, 0
Modules
Images
c:\program files\didactic\fl_sim_p4.en\bin\fl_sim_p.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
240"C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe" C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe
explorer.exe
User:
admin
Company:
DinproSolution
Integrity Level:
MEDIUM
Description:
www.dinprosolution.com
Exit code:
0
Version:
1.1.0.1
Modules
Images
c:\users\admin\desktop\festo fluidsim hid-neu 2020 v3.5.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
880"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\autorun.exe" "SFXSOURCE:C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\autorun.exeFesto FluidSim Hid-Neu 2020 V3.5.exe
User:
admin
Company:
DinproSolution
Integrity Level:
MEDIUM
Description:
www.dinprosolution.com
Exit code:
0
Version:
1.1.0.1
Modules
Images
c:\users\admin\appdata\local\temp\ir_ext_temp_2\autorun.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\ir_ext_temp_2\lua5.1.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
1540"C:\Users\admin\AppData\Local\Temp\RarSFX0\Festo Fluidsim.exe" C:\Users\admin\AppData\Local\Temp\RarSFX0\Festo Fluidsim.exeFESTO NEUMATICA.exe
User:
admin
Company:
Art Systems Software GmbH, Festo Didactic GmbH & Co. KG
Integrity Level:
MEDIUM
Description:
FluidSIM - Fluidics Simulation Program
Exit code:
0
Version:
3, 6, 8, 0
Modules
Images
c:\users\admin\appdata\local\temp\rarsfx0\festo fluidsim.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\apphelp.dll
1792"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\AutoPlay\Docs\FESTO NEUMATICA.exe" C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\AutoPlay\Docs\FESTO NEUMATICA.exeautorun.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\appdata\local\temp\ir_ext_temp_2\autoplay\docs\festo neumatica.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
1992"C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe" C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe
explorer.exe
User:
admin
Company:
DinproSolution
Integrity Level:
MEDIUM
Description:
www.dinprosolution.com
Exit code:
0
Version:
1.1.0.1
Modules
Images
c:\users\admin\desktop\festo fluidsim hid-neu 2020 v3.5.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
2504"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_1\autorun.exe" "SFXSOURCE:C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_1\autorun.exeFesto FluidSim Hid-Neu 2020 V3.5.exe
User:
admin
Company:
DinproSolution
Integrity Level:
MEDIUM
Description:
www.dinprosolution.com
Exit code:
0
Version:
1.1.0.1
Modules
Images
c:\users\admin\appdata\local\temp\ir_ext_temp_1\autorun.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\ir_ext_temp_1\lua5.1.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
2620"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\AutoPlay\Docs\FESTO NEUMATICA.exe" C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\AutoPlay\Docs\FESTO NEUMATICA.exeautorun.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\appdata\local\temp\ir_ext_temp_2\autoplay\docs\festo neumatica.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
2660"C:\Users\admin\AppData\Local\Temp\RarSFX0\Festo Fluidsim.exe" C:\Users\admin\AppData\Local\Temp\RarSFX0\Festo Fluidsim.exeFESTO NEUMATICA.exe
User:
admin
Company:
Art Systems Software GmbH, Festo Didactic GmbH & Co. KG
Integrity Level:
MEDIUM
Description:
FluidSIM - Fluidics Simulation Program
Exit code:
0
Version:
3, 6, 8, 0
Modules
Images
c:\users\admin\appdata\local\temp\rarsfx0\festo fluidsim.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\apphelp.dll
2752"C:\Users\admin\AppData\Local\Temp\is-SK6UF.tmp\festo fluidsim 4.2 pneumatics_eng.tmp" /SL5="$19013E,14855402,54272,C:\Users\admin\AppData\Local\Temp\festo fluidsim 4.2 pneumatics_eng.exe" /SPAWNWND=$1A01BC /NOTIFYWND=$E0170 C:\Users\admin\AppData\Local\Temp\is-SK6UF.tmp\festo fluidsim 4.2 pneumatics_eng.tmpfesto fluidsim 4.2 pneumatics_eng.exe
User:
admin
Integrity Level:
HIGH
Description:
Setup/Uninstall
Exit code:
0
Version:
51.52.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-sk6uf.tmp\festo fluidsim 4.2 pneumatics_eng.tmp
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
Total events
13 150
Read events
13 103
Write events
46
Delete events
1

Modification events

(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Setup Version
Value:
5.4.3 (a)
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: App Path
Value:
C:\Program Files\Didactic\fl_sim_p4.en
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:InstallLocation
Value:
C:\Program Files\Didactic\fl_sim_p4.en\
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Icon Group
Value:
Festo Didactic
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: User
Value:
admin
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Selected Tasks
Value:
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Deselected Tasks
Value:
desktopicon
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Language
Value:
english
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:DisplayName
Value:
FluidSIM Pneumatics V 4.2 English version 4.2
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:UninstallString
Value:
"C:\Program Files\Didactic\fl_sim_p4.en\unins000.exe"
Executable files
15
Suspicious files
1 054
Text files
155
Unknown types
535

Dropped files

PID
Process
Filename
Type
2964festo fluidsim 4.2 pneumatics_eng.exeC:\Users\admin\AppData\Local\Temp\is-SK6UF.tmp\festo fluidsim 4.2 pneumatics_eng.tmp
MD5:67C5A4F36E1C91A3B85E440EDD7AD026
SHA256:99C299D6565AB53D9AF66E0146737DC0ECFBC52ECF4740825B552DB0CC4210C6
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\unins000.exe
MD5:20271C729EEA661DD16D0FFF9E47E329
SHA256:37B3AADE153966813F3FA4B4267914539D4FD04421CEFA849A390EE8C3DEFB0D
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\is-2T9HR.tmp
MD5:20271C729EEA661DD16D0FFF9E47E329
SHA256:37B3AADE153966813F3FA4B4267914539D4FD04421CEFA849A390EE8C3DEFB0D
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\is-7B2H6.tmp
MD5:982ED2FE3CE92959EC9C1124EC8ECD8F
SHA256:7A7212C6A4146D06A1764810BE53EC97E1D01F644EB3BCCD21382FC9EF44B887
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\fl_sim_p.exe
MD5:982ED2FE3CE92959EC9C1124EC8ECD8F
SHA256:7A7212C6A4146D06A1764810BE53EC97E1D01F644EB3BCCD21382FC9EF44B887
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\aq\ep.kb
MD5:451F0F3221A39D096614C2C6E8AB0928
SHA256:8F31426003F743296E3B5FDC92E7DE584A0E01218F035CBAD551C3C926FFC988
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\aq\is-ARVO8.tmp
MD5:451F0F3221A39D096614C2C6E8AB0928
SHA256:8F31426003F743296E3B5FDC92E7DE584A0E01218F035CBAD551C3C926FFC988
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\aq\mop.kb
MD5:A553655125FB4306420D5F8377610C92
SHA256:64E34942CBCF9B309F4FC49429B4609AE5E188F27630F70DCAF58E561723B461
3864festo fluidsim 4.2 pneumatics_eng.exeC:\Users\admin\AppData\Local\Temp\is-K0648.tmp\festo fluidsim 4.2 pneumatics_eng.tmp
MD5:67C5A4F36E1C91A3B85E440EDD7AD026
SHA256:99C299D6565AB53D9AF66E0146737DC0ECFBC52ECF4740825B552DB0CC4210C6
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Users\admin\AppData\Local\Temp\is-Q0ITR.tmp\_isetup\_RegDLL.tmp
MD5:0EE914C6F0BB93996C75941E1AD629C6
SHA256:4DC09BAC0613590F1FAC8771D18AF5BE25A1E1CB8FDBF4031AA364F3057E74A2
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
4
DNS requests
0
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
4
System
192.168.100.255:138
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown

DNS requests

No data

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
festo fluidsim 4.2 pneumatics_eng.exe