| File name: | Print_AceLauncher.exe |
| Full analysis: | https://app.any.run/tasks/110c61cf-17c8-45c9-9029-a94382009bcd |
| Verdict: | Malicious activity |
| Threats: | Adware is a form of malware that targets users with unwanted advertisements, often disrupting their browsing experience. It typically infiltrates systems through software bundling, malicious websites, or deceptive downloads. Once installed, it may track user activity, collect sensitive data, and display intrusive ads, including pop-ups or banners. Some advanced adware variants can bypass security measures and establish persistence on devices, making removal challenging. Additionally, adware can create vulnerabilities that other malware can exploit, posing a significant risk to user privacy and system security. |
| Analysis date: | October 03, 2025, 16:49:38 |
| OS: | Windows 10 Professional (build: 19044, 64 bit) |
| Tags: | |
| Indicators: | |
| MIME: | application/vnd.microsoft.portable-executable |
| File info: | PE32 executable (GUI) Intel 80386, for MS Windows, 11 sections |
| MD5: | BA32881555523E11FAE85DF67B838DD1 |
| SHA1: | A97B1773F15F3A7B496C79AB85EE0D58D342158B |
| SHA256: | 65383A4D998F7217BFC491BDEF974D4B3C871B126FAD28DCF5F356ECF0B47598 |
| SSDEEP: | 98304:MLVIF8P3n1BLHxtD59KEKjSvk94HBdPEii6htsnUICSWxcHKaVW3PyWmydoeOHkx:5Mso |
| .exe | | | Inno Setup installer (67.7) |
|---|---|---|
| .exe | | | Win32 EXE PECompact compressed (generic) (25.6) |
| .exe | | | Win32 Executable (generic) (2.7) |
| .exe | | | Win16/32 Executable Delphi generic (1.2) |
| .exe | | | Generic Win/DOS Executable (1.2) |
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2025:03:13 06:55:45+00:00 |
| ImageFileCharacteristics: | Executable, 32-bit |
| PEType: | PE32 |
| LinkerVersion: | 2.25 |
| CodeSize: | 704512 |
| InitializedDataSize: | 286720 |
| UninitializedDataSize: | - |
| EntryPoint: | 0xacfe0 |
| OSVersion: | 6.1 |
| ImageVersion: | - |
| SubsystemVersion: | 6.1 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 0.0.0.0 |
| ProductVersionNumber: | 0.0.0.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Win32 |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | Neutral |
| CharacterSet: | Unicode |
| Comments: | This installation was built with Inno Setup. |
| CompanyName: | Sunstream Labs |
| FileDescription: | AceLauncherInstaller Setup |
| FileVersion: | |
| LegalCopyright: | |
| OriginalFileName: | |
| ProductName: | AceLauncherInstaller |
| ProductVersion: | 1.0 |
PID | CMD | Path | Indicators | Parent process |
|---|---|---|---|---|
| 576 | "C:\Users\admin\AppData\Local\AceLauncher\Application\AceLauncher.exe" --type=renderer --subproc-heap-profiling --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --renderer-client-id=6 --metrics-shmem-handle=3588,i,1375447804266906929,3601365591415183601,2097152 --field-trial-handle=2080,i,1243732845961660959,13041536379786260397,262144 --variations-seed-version --mojo-platform-channel-handle=3760 /prefetch:1 | C:\Users\admin\AppData\Local\AceLauncher\Application\AceLauncher.exe | — | AceLauncher.exe |
User: admin Company: Sunstream Labs Integrity Level: LOW Description: AceLauncher Exit code: 0 Version: 134.0.6998.211 | ||||
| 592 | "C:\Users\admin\AppData\Local\AceLauncherAutoUpdate\Update.exe" start -- | C:\Users\admin\AppData\Local\AceLauncherAutoUpdate\Update.exe | — | AceLauncherAutoUpdate.exe |
User: admin Company: Velopack Integrity Level: MEDIUM Description: Velopack 0.0.1053 Exit code: 0 Version: 0.0.1053 | ||||
| 704 | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\CR_BF500.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\AceLauncher\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=AceLauncher --annotation=ver=134.0.6998.211 --initial-client-data=0x29c,0x2a0,0x2a4,0x278,0x2a8,0x7ff6db394690,0x7ff6db39469c,0x7ff6db3946a8 | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\CR_BF500.tmp\setup.exe | — | setup.exe |
User: admin Company: Sunstream Labs Integrity Level: MEDIUM Description: AceLauncher Installer Exit code: 0 Version: 134.0.6998.211 | ||||
| 720 | "C:\Users\admin\AppData\Local\AceLauncher\Application\AceLauncher.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --subproc-heap-profiling --metrics-shmem-handle=9108,i,16765410103877596293,18390693252024152103,524288 --field-trial-handle=2080,i,1243732845961660959,13041536379786260397,262144 --variations-seed-version --mojo-platform-channel-handle=9100 /prefetch:8 | C:\Users\admin\AppData\Local\AceLauncher\Application\AceLauncher.exe | — | AceLauncher.exe |
User: admin Company: Sunstream Labs Integrity Level: LOW Description: AceLauncher Exit code: 0 Version: 134.0.6998.211 | ||||
| 932 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --string-annotations --always-read-main-dll --field-trial-handle=6136,i,4880206380901915134,2865547053057676279,262144 --variations-seed-version --mojo-platform-channel-handle=6996 /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin Company: Microsoft Corporation Integrity Level: LOW Description: Microsoft Edge Exit code: 0 Version: 133.0.3065.92 | ||||
| 936 | "C:\Users\admin\AppData\Local\AceLauncher\Application\AceLauncher.exe" --type=renderer --subproc-heap-profiling --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --renderer-client-id=37 --metrics-shmem-handle=7224,i,6915159216049155815,17009227872615601166,2097152 --field-trial-handle=2080,i,1243732845961660959,13041536379786260397,262144 --variations-seed-version --mojo-platform-channel-handle=7460 /prefetch:1 | C:\Users\admin\AppData\Local\AceLauncher\Application\AceLauncher.exe | — | AceLauncher.exe |
User: admin Company: Sunstream Labs Integrity Level: LOW Description: AceLauncher Version: 134.0.6998.211 | ||||
| 1288 | "C:\Users\admin\AppData\Local\AceLauncher\Application\AceLauncher.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --metrics-shmem-handle=6200,i,3801995604143732274,14934731435414017652,524288 --field-trial-handle=2084,i,3329585313454337202,7919936904302904826,262144 --variations-seed-version --mojo-platform-channel-handle=6220 /prefetch:8 | C:\Users\admin\AppData\Local\AceLauncher\Application\AceLauncher.exe | — | AceLauncher.exe |
User: admin Company: Sunstream Labs Integrity Level: LOW Description: AceLauncher Exit code: 0 Version: 134.0.6998.211 | ||||
| 1692 | "C:\Program Files\Taktak\Setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\WINDOWS\SystemTemp\Crashpad --annotation=plat=Win64 --annotation=prod=Taktak --annotation=ver=138.0.7204.154 --initial-client-data=0x290,0x294,0x298,0x26c,0x29c,0x7ff6ef19dd78,0x7ff6ef19dd84,0x7ff6ef19dd90 | C:\Program Files\Taktak\Setup.exe | — | Setup.exe |
User: admin Company: Ahrefs Pte Ltd. Integrity Level: HIGH Description: Taktak Installer Version: 138.0.7204.154 | ||||
| 1696 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3592,i,4880206380901915134,2865547053057676279,262144 --variations-seed-version --mojo-platform-channel-handle=3608 /prefetch:1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin Company: Microsoft Corporation Integrity Level: LOW Description: Microsoft Edge Version: 133.0.3065.92 | ||||
| 1880 | "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --string-annotations --always-read-main-dll --field-trial-handle=5500,i,4880206380901915134,2865547053057676279,262144 --variations-seed-version --mojo-platform-channel-handle=6992 /prefetch:8 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | — | msedge.exe |
User: admin Company: Microsoft Corporation Integrity Level: LOW Description: Microsoft Edge Exit code: 0 Version: 133.0.3065.92 | ||||
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 4688 | Print_AceLauncher.tmp | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\is-3URN0.tmp | — | |
MD5:— | SHA256:— | |||
| 4688 | Print_AceLauncher.tmp | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\mini_installer.exe | — | |
MD5:— | SHA256:— | |||
| 7436 | Print_AceLauncher.exe | C:\Users\admin\AppData\Local\Temp\is-IO1SU.tmp\Print_AceLauncher.tmp | executable | |
MD5:B83D594D8B8B37ABA969D1EEDC72D4D6 | SHA256:2633C158150784564DFB15C50FDB140995437219F05A4BA242B26C0A8E522AE9 | |||
| 4688 | Print_AceLauncher.tmp | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\_isetup\_setup64.tmp | executable | |
MD5:E4211D6D009757C078A9FAC7FF4F03D4 | SHA256:388A796580234EFC95F3B1C70AD4CB44BFDDC7BA0F9203BF4902B9929B136F95 | |||
| 4688 | Print_AceLauncher.tmp | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\SetupHelper\AceLauncherInstaller.pdb | binary | |
MD5:33F71DCDB3D560C7160DA0011A36470D | SHA256:1A8887399FBD04E725B869AEF956E48E796C7EAF16B55FC6B1A3CA289CCA190F | |||
| 7636 | Print_AceLauncher.tmp | C:\Users\admin\AppData\Local\Temp\is-T3IUH.tmp\_isetup\_setup64.tmp | executable | |
MD5:E4211D6D009757C078A9FAC7FF4F03D4 | SHA256:388A796580234EFC95F3B1C70AD4CB44BFDDC7BA0F9203BF4902B9929B136F95 | |||
| 7560 | Print_AceLauncher.exe | C:\Users\admin\AppData\Local\Temp\is-7TGS9.tmp\Print_AceLauncher.tmp | executable | |
MD5:B83D594D8B8B37ABA969D1EEDC72D4D6 | SHA256:2633C158150784564DFB15C50FDB140995437219F05A4BA242B26C0A8E522AE9 | |||
| 4688 | Print_AceLauncher.tmp | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\SetupHelper\SQLitePCLRaw.core.dll | executable | |
MD5:46520C910E0A9DC3A36FC5470B0092D5 | SHA256:DBCFD04E95AEFA9EF0DCAD4CD20009B018DD3D2943C8CCF3F40597B9ED9161B8 | |||
| 4688 | Print_AceLauncher.tmp | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\SetupHelper\NuGet.Versioning.dll | executable | |
MD5:FA79CEA4AF7EB6DA346314AEFCD05429 | SHA256:DD0A3E866F8A78B6D787693D30C2486FECE0BE9B5230F439794E726B3689CB3A | |||
| 4688 | Print_AceLauncher.tmp | C:\Users\admin\AppData\Local\Temp\is-N5F92.tmp\SetupHelper\System.Memory.dll | executable | |
MD5:592A822D0136B14F8D661891FF17C33B | SHA256:41B5E1A4C59ABDB1CE1467F58C3D9FD06D39DFF4FC61D500A2410FECE8037F4B | |||
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
2404 | svchost.exe | GET | 200 | 172.66.2.5:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
2404 | svchost.exe | GET | 200 | 172.66.2.5:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D | unknown | — | — | whitelisted |
7716 | backgroundTaskHost.exe | GET | 200 | 172.66.2.5:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D | unknown | — | — | whitelisted |
7800 | backgroundTaskHost.exe | GET | 200 | 172.66.2.5:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D | unknown | — | — | whitelisted |
5192 | AceLauncher.exe | GET | 200 | 172.66.2.5:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfIs%2BLjDtGwQ09XEB1Yeq%2BtX%2BBgQQU7NfjgtJxXWRM3y5nP%2Be6mK4cD08CEAitQLJg0pxMn17Nqb2Trtk%3D | unknown | — | — | whitelisted |
5192 | AceLauncher.exe | GET | 200 | 172.66.2.5:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSRXerF0eFeSWRripTgTkcJWMm7iQQUaDfg67Y7%2BF8Rhvv%2BYXsIiGX0TkICEAqZYVkpXnDOCn45Pde5S1U%3D | unknown | — | — | whitelisted |
7244 | svchost.exe | GET | 206 | 199.232.214.172:80 | http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/ddbf4492-d475-4fe4-bcde-6cbac56f6034?P1=1759841707&P2=404&P3=2&P4=C2V1Q7laWN%2fiB0mfRnw08JxbcKBo9ydM150GCsA1zV2RvKJbTK9uQM9ILYl34gGGWJNJmHDctFrKEqv8ERFTHw%3d%3d | unknown | — | — | whitelisted |
7244 | svchost.exe | HEAD | 200 | 199.232.214.172:80 | http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/ddbf4492-d475-4fe4-bcde-6cbac56f6034?P1=1759841707&P2=404&P3=2&P4=C2V1Q7laWN%2fiB0mfRnw08JxbcKBo9ydM150GCsA1zV2RvKJbTK9uQM9ILYl34gGGWJNJmHDctFrKEqv8ERFTHw%3d%3d | unknown | — | — | whitelisted |
7244 | svchost.exe | GET | 206 | 199.232.214.172:80 | http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/ddbf4492-d475-4fe4-bcde-6cbac56f6034?P1=1759841707&P2=404&P3=2&P4=C2V1Q7laWN%2fiB0mfRnw08JxbcKBo9ydM150GCsA1zV2RvKJbTK9uQM9ILYl34gGGWJNJmHDctFrKEqv8ERFTHw%3d%3d | unknown | — | — | whitelisted |
7244 | svchost.exe | HEAD | 200 | 34.104.35.123:80 | http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acmmwq7dser4xm5sepzjv74g65vq_2023.7.28.10/cffplpkejcbdpfnfabnjikeicbedmifn_2023.07.28.10_all_acgbwixmcanakp2bkoppyszsbkrq.crx3 | unknown | — | — | whitelisted |
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
4 | System | 192.168.100.255:137 | — | — | — | whitelisted |
7160 | RUXIMICS.exe | 40.127.240.158:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
6016 | MoUsoCoreWorker.exe | 40.127.240.158:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
5224 | SearchApp.exe | 95.101.136.201:443 | www.bing.com | Akamai International B.V. | GB | whitelisted |
4688 | Print_AceLauncher.tmp | 52.203.92.28:443 | analytics.acelauncher.com | AMAZON-AES | US | unknown |
4 | System | 192.168.100.255:138 | — | — | — | whitelisted |
6016 | MoUsoCoreWorker.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
5948 | svchost.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
2404 | svchost.exe | 20.190.159.130:443 | login.live.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted |
2404 | svchost.exe | 172.66.2.5:80 | ocsp.digicert.com | — | US | whitelisted |
Domain | IP | Reputation |
|---|---|---|
settings-win.data.microsoft.com |
| whitelisted |
www.bing.com |
| whitelisted |
google.com |
| whitelisted |
analytics.acelauncher.com |
| unknown |
login.live.com |
| whitelisted |
ocsp.digicert.com |
| whitelisted |
client.wns.windows.com |
| whitelisted |
arc.msn.com |
| whitelisted |
fd.api.iris.microsoft.com |
| whitelisted |
slscr.update.microsoft.com |
| whitelisted |
PID | Process | Class | Message |
|---|---|---|---|
4488 | msedge.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com) |
4488 | msedge.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com) |
4488 | msedge.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com) |
— | — | Potentially Bad Traffic | ET INFO Possible Chrome Plugin install |
10216 | AceLauncher.exe | Not Suspicious Traffic | INFO [ANY.RUN] Cloudflare content delivery network (cdnjs .cloudflare .com) |
10216 | AceLauncher.exe | Not Suspicious Traffic | INFO [ANY.RUN] Cloudflare content delivery network (cdnjs .cloudflare .com) |
— | — | Possibly Unwanted Program Detected | ADWARE [ANY.RUN] InnoSetup Installer |
10216 | AceLauncher.exe | Device Retrieving External IP Address Detected | INFO [ANY.RUN] External IP Check (ip-api .com) |
10216 | AceLauncher.exe | Misc activity | INFO [ANY.RUN] Possible short link service (t .co) |
10216 | AceLauncher.exe | Misc activity | INFO [ANY.RUN] Possible short link service (t .co) |