File name:

festo fluidsim 4.2 pneumatics_eng.exe

Full analysis: https://app.any.run/tasks/0b5bee52-5957-430f-aab7-50500494da1a
Verdict: Malicious activity
Analysis date: March 04, 2024, 09:05:33
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

4C0135CA286E77BAA3936C171DA17380

SHA1:

2CCD3899E788933DB6522B9127F7B9094F6A61E1

SHA256:

6459BB7630E62F33A1CC8068659CBF1BB4C63369415C9F0C444FDA5D02155879

SSDEEP:

98304:hfJBbod1Yc9hQo+Ra43hqAAOy09gX5BM7sPte7B6Z6n+HJ7CrfKpYSMpfBhgtVT8:/Z9Jgf42KCjTcIlbQqxngb7yCp

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Drops the executable file immediately after the start

      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 3864)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)

  • SUSPICIOUS

    • Reads the Windows owner or organization settings

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)

    • Executable content was dropped or overwritten

      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)

    • Reads the Internet Settings

      • autorun.exe (PID: 880)
      • FESTO NEUMATICA.exe (PID: 2620)
      • FESTO NEUMATICA.exe (PID: 1792)

    • Reads security settings of Internet Explorer

      • autorun.exe (PID: 880)
      • FESTO NEUMATICA.exe (PID: 1792)
      • FESTO NEUMATICA.exe (PID: 2620)

  • INFO

    • Checks supported languages

      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 3864)
      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 4052)
      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 2964)
      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)
      • wmpnscfg.exe (PID: 3932)
      • fl_sim_p.exe (PID: 116)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)
      • autorun.exe (PID: 2504)
      • autorun.exe (PID: 880)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)
      • autorun.exe (PID: 2832)
      • FESTO NEUMATICA.exe (PID: 1792)
      • Festo Fluidsim.exe (PID: 1540)
      • Festo Fluidsim.exe (PID: 2660)
      • FESTO NEUMATICA.exe (PID: 2620)

    • Reads the computer name

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 4052)
      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)
      • wmpnscfg.exe (PID: 3932)
      • autorun.exe (PID: 2832)
      • autorun.exe (PID: 880)
      • autorun.exe (PID: 2504)
      • FESTO NEUMATICA.exe (PID: 1792)
      • Festo Fluidsim.exe (PID: 1540)
      • FESTO NEUMATICA.exe (PID: 2620)
      • Festo Fluidsim.exe (PID: 2660)

    • Create files in a temporary directory

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)
      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 3864)
      • festo fluidsim 4.2 pneumatics_eng.exe (PID: 2964)
      • fl_sim_p.exe (PID: 116)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • FESTO NEUMATICA.exe (PID: 1792)
      • Festo Fluidsim.exe (PID: 1540)
      • FESTO NEUMATICA.exe (PID: 2620)
      • Festo Fluidsim.exe (PID: 2660)

    • Creates files in the program directory

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)

    • Manual execution by a user

      • wmpnscfg.exe (PID: 3932)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 3508)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 1992)
      • Festo FluidSim Hid-Neu 2020 V3.5.exe (PID: 240)

    • Creates a software uninstall entry

      • festo fluidsim 4.2 pneumatics_eng.tmp (PID: 2752)

    • Creates files or folders in the user directory

      • fl_sim_p.exe (PID: 116)

    • Reads the machine GUID from the registry

      • Festo Fluidsim.exe (PID: 1540)
      • Festo Fluidsim.exe (PID: 2660)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Inno Setup installer (77.7)
.exe | Win32 Executable Delphi generic (10)
.dll | Win32 Dynamic Link Library (generic) (4.6)
.exe | Win32 Executable (generic) (3.1)
.exe | Win16/32 Executable Delphi generic (1.4)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 1992:06:19 22:22:17+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 37888
InitializedDataSize: 17920
UninitializedDataSize: -
EntryPoint: 0x9c40
OSVersion: 1
ImageVersion: 6
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 0.0.0.0
ProductVersionNumber: 0.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: This installation was built with Inno Setup.
CompanyName: FESTO, Inc.
FileDescription: FluidSIM Pneumatics V 4.2 English Setup
FileVersion:
LegalCopyright:
ProductName: FluidSIM Pneumatics V 4.2 English
ProductVersion: 4.2
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
57
Monitored processes
16
Malicious processes
3
Suspicious processes
2

Behavior graph

Click at the process to see the details
start festo fluidsim 4.2 pneumatics_eng.exe no specs festo fluidsim 4.2 pneumatics_eng.tmp no specs festo fluidsim 4.2 pneumatics_eng.exe festo fluidsim 4.2 pneumatics_eng.tmp no specs wmpnscfg.exe no specs fl_sim_p.exe no specs festo fluidsim hid-neu 2020 v3.5.exe festo fluidsim hid-neu 2020 v3.5.exe festo fluidsim hid-neu 2020 v3.5.exe autorun.exe no specs autorun.exe no specs autorun.exe no specs festo neumatica.exe no specs festo fluidsim.exe no specs festo neumatica.exe no specs festo fluidsim.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
116"C:\Program Files\Didactic\fl_sim_p4.en\bin\fl_sim_p.exe"C:\Program Files\Didactic\fl_sim_p4.en\bin\fl_sim_p.exefesto fluidsim 4.2 pneumatics_eng.tmp
User:
admin
Company:
Art Systems Software GmbH, Festo Didactic GmbH & Co. KG
Integrity Level:
MEDIUM
Description:
FluidSIM - Fluidics Simulation Program
Exit code:
0
Version:
4, 2, 16, 0
Modules
Images
c:\program files\didactic\fl_sim_p4.en\bin\fl_sim_p.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
240"C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe" C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe
explorer.exe
User:
admin
Company:
DinproSolution
Integrity Level:
MEDIUM
Description:
www.dinprosolution.com
Exit code:
0
Version:
1.1.0.1
Modules
Images
c:\users\admin\desktop\festo fluidsim hid-neu 2020 v3.5.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
880"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\autorun.exe" "SFXSOURCE:C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\autorun.exeFesto FluidSim Hid-Neu 2020 V3.5.exe
User:
admin
Company:
DinproSolution
Integrity Level:
MEDIUM
Description:
www.dinprosolution.com
Exit code:
0
Version:
1.1.0.1
Modules
Images
c:\users\admin\appdata\local\temp\ir_ext_temp_2\autorun.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\ir_ext_temp_2\lua5.1.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
1540"C:\Users\admin\AppData\Local\Temp\RarSFX0\Festo Fluidsim.exe" C:\Users\admin\AppData\Local\Temp\RarSFX0\Festo Fluidsim.exeFESTO NEUMATICA.exe
User:
admin
Company:
Art Systems Software GmbH, Festo Didactic GmbH & Co. KG
Integrity Level:
MEDIUM
Description:
FluidSIM - Fluidics Simulation Program
Exit code:
0
Version:
3, 6, 8, 0
Modules
Images
c:\users\admin\appdata\local\temp\rarsfx0\festo fluidsim.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\apphelp.dll
1792"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\AutoPlay\Docs\FESTO NEUMATICA.exe" C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\AutoPlay\Docs\FESTO NEUMATICA.exeautorun.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\appdata\local\temp\ir_ext_temp_2\autoplay\docs\festo neumatica.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
1992"C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe" C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe
explorer.exe
User:
admin
Company:
DinproSolution
Integrity Level:
MEDIUM
Description:
www.dinprosolution.com
Exit code:
0
Version:
1.1.0.1
Modules
Images
c:\users\admin\desktop\festo fluidsim hid-neu 2020 v3.5.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
2504"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_1\autorun.exe" "SFXSOURCE:C:\Users\admin\Desktop\Festo FluidSim Hid-Neu 2020 V3.5.exe"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_1\autorun.exeFesto FluidSim Hid-Neu 2020 V3.5.exe
User:
admin
Company:
DinproSolution
Integrity Level:
MEDIUM
Description:
www.dinprosolution.com
Exit code:
0
Version:
1.1.0.1
Modules
Images
c:\users\admin\appdata\local\temp\ir_ext_temp_1\autorun.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\ir_ext_temp_1\lua5.1.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
2620"C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\AutoPlay\Docs\FESTO NEUMATICA.exe" C:\Users\admin\AppData\Local\Temp\ir_ext_temp_2\AutoPlay\Docs\FESTO NEUMATICA.exeautorun.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\appdata\local\temp\ir_ext_temp_2\autoplay\docs\festo neumatica.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
2660"C:\Users\admin\AppData\Local\Temp\RarSFX0\Festo Fluidsim.exe" C:\Users\admin\AppData\Local\Temp\RarSFX0\Festo Fluidsim.exeFESTO NEUMATICA.exe
User:
admin
Company:
Art Systems Software GmbH, Festo Didactic GmbH & Co. KG
Integrity Level:
MEDIUM
Description:
FluidSIM - Fluidics Simulation Program
Exit code:
0
Version:
3, 6, 8, 0
Modules
Images
c:\users\admin\appdata\local\temp\rarsfx0\festo fluidsim.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\apphelp.dll
2752"C:\Users\admin\AppData\Local\Temp\is-SK6UF.tmp\festo fluidsim 4.2 pneumatics_eng.tmp" /SL5="$19013E,14855402,54272,C:\Users\admin\AppData\Local\Temp\festo fluidsim 4.2 pneumatics_eng.exe" /SPAWNWND=$1A01BC /NOTIFYWND=$E0170 C:\Users\admin\AppData\Local\Temp\is-SK6UF.tmp\festo fluidsim 4.2 pneumatics_eng.tmpfesto fluidsim 4.2 pneumatics_eng.exe
User:
admin
Integrity Level:
HIGH
Description:
Setup/Uninstall
Exit code:
0
Version:
51.52.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-sk6uf.tmp\festo fluidsim 4.2 pneumatics_eng.tmp
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
Total events
13 150
Read events
13 103
Write events
46
Delete events
1

Modification events

(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Setup Version
Value:
5.4.3 (a)
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: App Path
Value:
C:\Program Files\Didactic\fl_sim_p4.en
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:InstallLocation
Value:
C:\Program Files\Didactic\fl_sim_p4.en\
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Icon Group
Value:
Festo Didactic
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: User
Value:
admin
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Selected Tasks
Value:
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Deselected Tasks
Value:
desktopicon
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:Inno Setup: Language
Value:
english
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:DisplayName
Value:
FluidSIM Pneumatics V 4.2 English version 4.2
(PID) Process:(2752) festo fluidsim 4.2 pneumatics_eng.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fluidp42-engE-4D49-A917-2952BA1249D3}_is1
Operation:writeName:UninstallString
Value:
"C:\Program Files\Didactic\fl_sim_p4.en\unins000.exe"
Executable files
15
Suspicious files
1 054
Text files
155
Unknown types
535

Dropped files

PID
Process
Filename
Type
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\is-2T9HR.tmp
MD5:20271C729EEA661DD16D0FFF9E47E329
SHA256:37B3AADE153966813F3FA4B4267914539D4FD04421CEFA849A390EE8C3DEFB0D
3864festo fluidsim 4.2 pneumatics_eng.exeC:\Users\admin\AppData\Local\Temp\is-K0648.tmp\festo fluidsim 4.2 pneumatics_eng.tmp
MD5:67C5A4F36E1C91A3B85E440EDD7AD026
SHA256:99C299D6565AB53D9AF66E0146737DC0ECFBC52ECF4740825B552DB0CC4210C6
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Users\admin\AppData\Local\Temp\is-Q0ITR.tmp\_isetup\_RegDLL.tmp
MD5:0EE914C6F0BB93996C75941E1AD629C6
SHA256:4DC09BAC0613590F1FAC8771D18AF5BE25A1E1CB8FDBF4031AA364F3057E74A2
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Users\admin\AppData\Local\Temp\is-Q0ITR.tmp\_isetup\_shfoldr.dll
MD5:92DC6EF532FBB4A5C3201469A5B5EB63
SHA256:9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\unins000.exe
MD5:20271C729EEA661DD16D0FFF9E47E329
SHA256:37B3AADE153966813F3FA4B4267914539D4FD04421CEFA849A390EE8C3DEFB0D
2964festo fluidsim 4.2 pneumatics_eng.exeC:\Users\admin\AppData\Local\Temp\is-SK6UF.tmp\festo fluidsim 4.2 pneumatics_eng.tmp
MD5:67C5A4F36E1C91A3B85E440EDD7AD026
SHA256:99C299D6565AB53D9AF66E0146737DC0ECFBC52ECF4740825B552DB0CC4210C6
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\bin\is-CHP78.tmp
MD5:3EC5305B99107A05CB1D344C12FEEEF0
SHA256:E98936CC00094BAC47AC071F58023C0FC1356C88C7C865B80E92B039BA3B3E94
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\bin\ad_anm.dll
MD5:3B355570216CE5BA7FF5B9EC2343BE7D
SHA256:01B82B347A91A3126FF8779D2C0451281261124BB7A94702C41D2ED23D64345E
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\bin\ad_aerc.dll
MD5:3EC5305B99107A05CB1D344C12FEEEF0
SHA256:E98936CC00094BAC47AC071F58023C0FC1356C88C7C865B80E92B039BA3B3E94
2752festo fluidsim 4.2 pneumatics_eng.tmpC:\Program Files\Didactic\fl_sim_p4.en\aq\acp.kb
MD5:F5B66E381782EBBB279123F9A2B64EA9
SHA256:5C4E3283A227D11E6142989E580CEC9ABCD8C03E206E94E32F22A19CDAC59519
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
4
DNS requests
0
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
4
System
192.168.100.255:138
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown

DNS requests

No data

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
festo fluidsim 4.2 pneumatics_eng.exe