URL: sanynouncem.org?5bkkg=1143386

Full analysis: https://app.any.run/tasks/db30ec55-3814-4f78-86ef-b2a6d7af15de
Verdict: Malicious activity
Threats:

Adware is a form of malware that targets users with unwanted advertisements, often disrupting their browsing experience. It typically infiltrates systems through software bundling, malicious websites, or deceptive downloads. Once installed, it may track user activity, collect sensitive data, and display intrusive ads, including pop-ups or banners. Some advanced adware variants can bypass security measures and establish persistence on devices, making removal challenging. Additionally, adware can create vulnerabilities that other malware can exploit, posing a significant risk to user privacy and system security.

Analysis date: May 20, 2026, 10:03:26
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags:
mentalmentor
adware
evasion
delphi
inno
installer
stealer
opera
tool
Indicators:
MD5: D001BC8BA42AC394D07B8EBCB08F269F
SHA1: E3DC3F3009983B828B076BA24A8DF1459C4C234D
SHA256: 724A84C7D925DA7865D3B852F485EE9B3C6B307B3EAABF38E0C0A50B8EAB5A30
SSDEEP: 3:KKeGt+4hhF:sGtbV

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • MENTALMENTOR mutex has been found

      • luminati-m-controller.exe (PID: 1400)
      • luminati-m-controller.exe (PID: 4608)
    • ADWARE has been detected (SURICATA)

      • luminati-m-controller.exe (PID: 1400)
      • net_updater32.exe (PID: 8328)
      • net_updater32.exe (PID: 3120)
      • rewardgum.exe (PID: 5568)
    • Changes the autorun value in the registry

      • pixelsee.exe (PID: 8520)
      • assistant_installer.exe (PID: 6236)
      • opera.exe (PID: 8880)
      • opera.exe (PID: 10088)
    • Steals credentials from Web Browsers

      • installer.exe (PID: 8484)
      • installer.exe (PID: 9152)
      • installer.exe (PID: 4548)
      • installer.exe (PID: 6180)
      • assistant_installer.exe (PID: 8868)
      • assistant_installer.exe (PID: 7288)
      • installer.exe (PID: 8140)
      • installer.exe (PID: 8792)
      • assistant_installer.exe (PID: 8548)
      • assistant_installer.exe (PID: 6236)
      • assistant_installer.exe (PID: 9124)
      • assistant_installer.exe (PID: 2452)
      • opera_crashreporter.exe (PID: 9072)
      • opera_crashreporter.exe (PID: 7664)
      • opera.exe (PID: 7332)
      • opera.exe (PID: 9316)
      • opera.exe (PID: 8880)
      • opera_crashreporter.exe (PID: 9408)
      • opera_crashreporter.exe (PID: 9748)
      • opera.exe (PID: 9552)
      • opera.exe (PID: 9512)
      • opera_crashreporter.exe (PID: 9992)
      • opera.exe (PID: 9852)
      • opera_crashreporter.exe (PID: 10160)
      • opera.exe (PID: 10108)
      • browser_assistant.exe (PID: 9524)
      • browser_assistant.exe (PID: 6108)
      • opera_crashreporter.exe (PID: 9308)
      • opera.exe (PID: 10004)
      • opera_crashreporter.exe (PID: 9932)
      • opera.exe (PID: 10088)
      • opera_crashreporter.exe (PID: 8328)
      • opera.exe (PID: 1504)
      • opera.exe (PID: 9588)
      • installer.exe (PID: 7972)
      • installer.exe (PID: 9244)
      • opera_autoupdate.exe (PID: 8928)
      • opera_autoupdate.exe (PID: 6796)
      • opera_autoupdate.exe (PID: 6392)
      • opera_autoupdate.exe (PID: 10096)
    • Starts NET.EXE for service management

      • rewardgum-setup-latest.exe (PID: 3016)
      • net.exe (PID: 9056)
    • Deletes shadow copies

      • WMIC.exe (PID: 8132)
      • WMIC.exe (PID: 8624)
      • WMIC.exe (PID: 2452)
      • WMIC.exe (PID: 5444)
  • SUSPICIOUS

    • Reads Microsoft Outlook installation path

      • PixelSee_id2170852id.exe (PID: 9172)
    • Executable content was dropped or overwritten

      • PixelSee_id2170852id.exe (PID: 9172)
      • lum_inst.tmp (PID: 932)
      • luminati-m-controller.exe (PID: 1400)
      • net_updater32.exe (PID: 3120)
      • antivirus360.exe (PID: 8372)
      • luminati-m-controller.exe (PID: 4608)
      • opera_binst.exe (PID: 9132)
      • installer.exe (PID: 8484)
      • Assistant_130.0.5847.41_Setup.exe_sfx.exe (PID: 8852)
      • installer.exe (PID: 6180)
      • rewardgum-setup-latest.exe (PID: 3016)
      • installer.exe (PID: 8792)
      • assistant_installer.exe (PID: 6236)
      • opera_autoupdate.exe (PID: 6796)
    • Reads Internet Explorer settings

      • PixelSee_id2170852id.exe (PID: 9172)
    • The process drops C-runtime libraries

      • PixelSee_id2170852id.exe (PID: 9172)
      • luminati-m-controller.exe (PID: 1400)
    • Reads the Windows owner or organization settings

      • lum_inst.tmp (PID: 932)
    • Executes as Windows Service

      • net_updater32.exe (PID: 3120)
      • WmiApSrv.exe (PID: 4772)
    • The process checks if it is being run in the virtual environment

      • net_updater32.exe (PID: 3120)
    • Uses NETSH.EXE to add a firewall rule or allowed programs

      • PixelSee_id2170852id.exe (PID: 9172)
    • Silent install from TEMP directory

      • opera_binst.exe (PID: 9132)
    • Application launched itself

      • installer.exe (PID: 8484)
      • installer.exe (PID: 6180)
      • assistant_installer.exe (PID: 8868)
      • installer.exe (PID: 8792)
      • assistant_installer.exe (PID: 6236)
      • assistant_installer.exe (PID: 9124)
      • browser_assistant.exe (PID: 6108)
      • opera.exe (PID: 8880)
      • opera.exe (PID: 10004)
      • opera.exe (PID: 10088)
      • installer.exe (PID: 9244)
      • opera_autoupdate.exe (PID: 6796)
      • opera_autoupdate.exe (PID: 6392)
    • Starts itself from another location

      • installer.exe (PID: 8484)
      • assistant_installer.exe (PID: 6236)
    • Starts CMD.EXE for commands execution

      • cmd.exe (PID: 8840)
    • The executable file from the user directory is run by the CMD process

      • rewardgum-setup-latest.exe (PID: 3016)
    • Searches for installed software

      • installer.exe (PID: 8792)
      • browser_assistant.exe (PID: 6108)
    • Reads the date of Windows installation

      • installer.exe (PID: 8792)
      • opera.exe (PID: 10088)
    • Windows service management via SC.EXE

      • sc.exe (PID: 4272)
    • Malware-specific behavior (creating "System.dll" in Temp)

      • rewardgum-setup-latest.exe (PID: 3016)
    • Uses WMIC.EXE to obtain data on processes

      • rewardgum-setup-latest.exe (PID: 3016)
    • The process creates files with name similar to system file names

      • rewardgum-setup-latest.exe (PID: 3016)
    • Possible stealing from browsers

      • opera_crashreporter.exe (PID: 9072)
      • opera_crashreporter.exe (PID: 7664)
      • opera.exe (PID: 8880)
      • opera_crashreporter.exe (PID: 9408)
      • opera_crashreporter.exe (PID: 9748)
      • opera_crashreporter.exe (PID: 9992)
      • opera_crashreporter.exe (PID: 10160)
      • browser_assistant.exe (PID: 9524)
      • browser_assistant.exe (PID: 6108)
      • opera.exe (PID: 10088)
    • Reads Mozilla Firefox installation path

      • opera.exe (PID: 10088)
    • The process executes via Task Scheduler

      • opera_autoupdate.exe (PID: 6796)
    • Checks for external IP

      • net_updater32.exe (PID: 3120)
  • INFO

    • Application launched itself

      • msedge.exe (PID: 7200)
    • Checks supported languages

      • identity_helper.exe (PID: 7960)
      • PixelSee_id2170852id.exe (PID: 9172)
      • lum_inst.tmp (PID: 932)
      • luminati-m-controller.exe (PID: 1400)
      • test_wpf.exe (PID: 5892)
      • lum_inst.exe (PID: 7244)
      • net_updater32.exe (PID: 8328)
      • net_updater32.exe (PID: 3120)
      • test_wpf.exe (PID: 4352)
      • idle_report.exe (PID: 4488)
      • brightdata.exe (PID: 552)
      • pixelsee.exe (PID: 8520)
      • pixelsee_crashpad_handler.exe (PID: 8872)
      • rewardgum-q7fbg.exe (PID: 8348)
      • antivirus360.exe (PID: 8372)
      • luminati-m-controller.exe (PID: 4608)
      • test_wpf.exe (PID: 5284)
      • opera_binst.exe (PID: 9132)
      • installer.exe (PID: 8484)
      • installer.exe (PID: 9152)
      • installer.exe (PID: 8012)
      • installer.exe (PID: 4548)
      • installer.exe (PID: 6180)
      • pixelsee.exe (PID: 8616)
      • Assistant_130.0.5847.41_Setup.exe_sfx.exe (PID: 8852)
      • assistant_installer.exe (PID: 8868)
      • assistant_installer.exe (PID: 7288)
      • perr_install_helper.exe (PID: 8644)
      • rewardgum-setup-latest.exe (PID: 3016)
      • installer.exe (PID: 8792)
      • installer.exe (PID: 8140)
      • assistant_installer.exe (PID: 6236)
      • assistant_installer.exe (PID: 8548)
      • assistant_installer.exe (PID: 9124)
      • assistant_installer.exe (PID: 2452)
      • browser_assistant.exe (PID: 6108)
      • opera.exe (PID: 8880)
      • rewardgum.exe (PID: 5568)
      • opera.exe (PID: 7332)
      • perr_install_helper.exe (PID: 9124)
      • opera_crashreporter.exe (PID: 9072)
      • opera_crashreporter.exe (PID: 7664)
      • opera.exe (PID: 9316)
      • opera.exe (PID: 9504)
      • browser_assistant.exe (PID: 9524)
      • opera.exe (PID: 9552)
      • opera_crashreporter.exe (PID: 9408)
      • opera.exe (PID: 9512)
      • opera.exe (PID: 9628)
      • opera_crashreporter.exe (PID: 9748)
      • opera.exe (PID: 9844)
      • opera.exe (PID: 9964)
      • opera.exe (PID: 9864)
      • opera.exe (PID: 9852)
      • opera.exe (PID: 9872)
      • opera_crashreporter.exe (PID: 9992)
      • opera.exe (PID: 10108)
      • opera_crashreporter.exe (PID: 10160)
      • opera.exe (PID: 10100)
      • opera.exe (PID: 10040)
      • opera_crashreporter.exe (PID: 9308)
      • opera.exe (PID: 10004)
      • opera_crashreporter.exe (PID: 9932)
      • opera.exe (PID: 10088)
      • opera.exe (PID: 9808)
      • opera.exe (PID: 9396)
      • opera.exe (PID: 9588)
      • opera.exe (PID: 9816)
      • opera.exe (PID: 10192)
      • opera.exe (PID: 10112)
      • opera.exe (PID: 9508)
      • opera.exe (PID: 10024)
      • opera.exe (PID: 9576)
      • opera.exe (PID: 10188)
      • opera.exe (PID: 8928)
      • browser_assistant.exe (PID: 8768)
      • opera_gx_splash.exe (PID: 4344)
      • opera.exe (PID: 1504)
      • opera_crashreporter.exe (PID: 8328)
      • opera.exe (PID: 9436)
      • opera.exe (PID: 9344)
      • opera.exe (PID: 10236)
      • opera.exe (PID: 10172)
      • opera.exe (PID: 4932)
      • opera.exe (PID: 5228)
      • opera.exe (PID: 6500)
      • opera.exe (PID: 932)
      • opera.exe (PID: 8352)
      • opera.exe (PID: 4352)
      • opera.exe (PID: 8016)
      • opera.exe (PID: 8780)
      • opera.exe (PID: 4340)
      • opera.exe (PID: 6952)
      • opera.exe (PID: 8320)
      • opera.exe (PID: 7752)
      • opera.exe (PID: 9168)
      • opera.exe (PID: 9036)
      • opera.exe (PID: 6752)
      • opera.exe (PID: 8308)
      • opera.exe (PID: 10116)
      • opera.exe (PID: 6892)
      • opera.exe (PID: 9224)
      • installer.exe (PID: 9244)
      • installer.exe (PID: 7972)
      • opera.exe (PID: 8328)
      • opera.exe (PID: 9340)
      • opera.exe (PID: 7152)
      • opera_autoupdate.exe (PID: 6796)
      • opera_autoupdate.exe (PID: 8928)
      • opera_autoupdate.exe (PID: 6392)
      • opera_autoupdate.exe (PID: 10096)
      • opera.exe (PID: 9392)
      • opera.exe (PID: 8472)
      • opera.exe (PID: 2032)
      • idle_report.exe (PID: 4056)
      • installer.exe (PID: 8636)
      • opera.exe (PID: 9252)
    • Reads Environment values

      • identity_helper.exe (PID: 7960)
    • Executable content was dropped or overwritten

      • msedge.exe (PID: 2392)
      • msedge.exe (PID: 7200)
    • Reads the computer name

      • identity_helper.exe (PID: 7960)
      • PixelSee_id2170852id.exe (PID: 9172)
      • test_wpf.exe (PID: 5892)
      • lum_inst.tmp (PID: 932)
      • luminati-m-controller.exe (PID: 1400)
      • net_updater32.exe (PID: 8328)
      • net_updater32.exe (PID: 3120)
      • test_wpf.exe (PID: 4352)
      • idle_report.exe (PID: 4488)
      • brightdata.exe (PID: 552)
      • pixelsee.exe (PID: 8520)
      • rewardgum-q7fbg.exe (PID: 8348)
      • antivirus360.exe (PID: 8372)
      • test_wpf.exe (PID: 5284)
      • luminati-m-controller.exe (PID: 4608)
      • installer.exe (PID: 8484)
      • installer.exe (PID: 6180)
      • pixelsee.exe (PID: 8616)
      • assistant_installer.exe (PID: 8868)
      • perr_install_helper.exe (PID: 8644)
      • installer.exe (PID: 8792)
      • assistant_installer.exe (PID: 6236)
      • assistant_installer.exe (PID: 9124)
      • rewardgum-setup-latest.exe (PID: 3016)
      • rewardgum.exe (PID: 5568)
      • perr_install_helper.exe (PID: 9124)
      • opera.exe (PID: 7332)
      • opera.exe (PID: 8880)
      • browser_assistant.exe (PID: 6108)
      • opera.exe (PID: 9504)
      • opera.exe (PID: 9512)
      • opera.exe (PID: 9316)
      • opera.exe (PID: 9852)
      • opera.exe (PID: 9552)
      • opera.exe (PID: 10108)
      • opera.exe (PID: 10100)
      • opera.exe (PID: 10004)
      • opera.exe (PID: 10088)
      • opera.exe (PID: 9808)
      • opera.exe (PID: 9588)
      • opera.exe (PID: 1504)
      • opera_gx_splash.exe (PID: 4344)
      • opera.exe (PID: 5228)
      • installer.exe (PID: 9244)
      • opera_autoupdate.exe (PID: 6796)
      • opera_autoupdate.exe (PID: 6392)
      • opera_autoupdate.exe (PID: 8928)
      • opera_autoupdate.exe (PID: 10096)
      • idle_report.exe (PID: 4056)
    • The sample compiled with english language support

      • msedge.exe (PID: 2392)
      • msedge.exe (PID: 7200)
      • PixelSee_id2170852id.exe (PID: 9172)
      • lum_inst.tmp (PID: 932)
      • luminati-m-controller.exe (PID: 1400)
      • antivirus360.exe (PID: 8372)
      • opera_binst.exe (PID: 9132)
      • Assistant_130.0.5847.41_Setup.exe_sfx.exe (PID: 8852)
      • installer.exe (PID: 6180)
      • installer.exe (PID: 8792)
      • assistant_installer.exe (PID: 6236)
      • rewardgum-setup-latest.exe (PID: 3016)
      • opera_autoupdate.exe (PID: 6796)
    • Launching a file from the Downloads directory

      • msedge.exe (PID: 7200)
    • Create files in a temporary directory

      • PixelSee_id2170852id.exe (PID: 9172)
      • lum_inst.exe (PID: 7244)
      • lum_inst.tmp (PID: 932)
      • antivirus360.exe (PID: 8372)
      • opera_binst.exe (PID: 9132)
      • installer.exe (PID: 8484)
      • Assistant_130.0.5847.41_Setup.exe_sfx.exe (PID: 8852)
      • rewardgum-q7fbg.exe (PID: 8348)
      • rewardgum-setup-latest.exe (PID: 3016)
      • installer.exe (PID: 8792)
      • opera.exe (PID: 8880)
      • opera.exe (PID: 10088)
      • opera_autoupdate.exe (PID: 6796)
    • Reads security settings of Internet Explorer

      • PixelSee_id2170852id.exe (PID: 9172)
      • lum_inst.tmp (PID: 932)
      • luminati-m-controller.exe (PID: 1400)
      • antivirus360.exe (PID: 8372)
      • installer.exe (PID: 8484)
      • pixelsee.exe (PID: 8520)
      • installer.exe (PID: 8792)
      • WMIC.exe (PID: 8132)
      • WMIC.exe (PID: 8624)
      • WMIC.exe (PID: 2452)
      • WMIC.exe (PID: 5444)
      • rewardgum.exe (PID: 5568)
      • browser_assistant.exe (PID: 6108)
    • Creates files or folders in the user directory

      • PixelSee_id2170852id.exe (PID: 9172)
      • luminati-m-controller.exe (PID: 1400)
      • pixelsee_crashpad_handler.exe (PID: 8872)
      • pixelsee.exe (PID: 8520)
      • antivirus360.exe (PID: 8372)
      • installer.exe (PID: 9152)
      • installer.exe (PID: 8484)
      • installer.exe (PID: 6180)
      • perr_install_helper.exe (PID: 8644)
      • installer.exe (PID: 8792)
      • assistant_installer.exe (PID: 6236)
      • rewardgum.exe (PID: 5568)
      • rewardgum-setup-latest.exe (PID: 3016)
      • opera.exe (PID: 8880)
      • opera.exe (PID: 9512)
      • opera.exe (PID: 10004)
      • opera.exe (PID: 10088)
      • opera.exe (PID: 9588)
      • browser_assistant.exe (PID: 6108)
      • opera_autoupdate.exe (PID: 10096)
      • opera_autoupdate.exe (PID: 6796)
      • opera_autoupdate.exe (PID: 6392)
    • Creates a software uninstall entry

      • PixelSee_id2170852id.exe (PID: 9172)
      • installer.exe (PID: 8792)
      • rewardgum-setup-latest.exe (PID: 3016)
    • Process checks computer location settings

      • PixelSee_id2170852id.exe (PID: 9172)
      • lum_inst.tmp (PID: 932)
      • luminati-m-controller.exe (PID: 1400)
      • net_updater32.exe (PID: 3120)
      • luminati-m-controller.exe (PID: 4608)
      • perr_install_helper.exe (PID: 8644)
      • perr_install_helper.exe (PID: 9124)
      • rewardgum.exe (PID: 5568)
      • opera.exe (PID: 8880)
      • opera.exe (PID: 9864)
      • opera.exe (PID: 9844)
      • opera.exe (PID: 9872)
      • opera.exe (PID: 10088)
      • opera.exe (PID: 9344)
      • opera.exe (PID: 9436)
      • opera.exe (PID: 10172)
      • opera.exe (PID: 10236)
      • opera.exe (PID: 10024)
      • opera.exe (PID: 9168)
      • opera.exe (PID: 6952)
      • opera.exe (PID: 6892)
      • opera.exe (PID: 4932)
      • opera.exe (PID: 8472)
      • opera.exe (PID: 2032)
    • Reads the machine GUID from the registry

      • luminati-m-controller.exe (PID: 1400)
      • test_wpf.exe (PID: 5892)
      • net_updater32.exe (PID: 3120)
      • test_wpf.exe (PID: 4352)
      • idle_report.exe (PID: 4488)
      • brightdata.exe (PID: 552)
      • pixelsee.exe (PID: 8520)
      • rewardgum-q7fbg.exe (PID: 8348)
      • luminati-m-controller.exe (PID: 4608)
      • test_wpf.exe (PID: 5284)
      • antivirus360.exe (PID: 8372)
      • installer.exe (PID: 8484)
      • pixelsee.exe (PID: 8616)
      • perr_install_helper.exe (PID: 8644)
      • installer.exe (PID: 8792)
      • rewardgum.exe (PID: 5568)
      • perr_install_helper.exe (PID: 9124)
      • opera.exe (PID: 8880)
      • browser_assistant.exe (PID: 6108)
      • opera.exe (PID: 10088)
      • opera_autoupdate.exe (PID: 6796)
      • opera_autoupdate.exe (PID: 6392)
      • opera_autoupdate.exe (PID: 8928)
      • idle_report.exe (PID: 4056)
      • opera_autoupdate.exe (PID: 10096)
    • Detects InnoSetup installer (YARA)

      • lum_inst.exe (PID: 7244)
      • lum_inst.tmp (PID: 932)
    • Compiled with Borland Delphi (YARA)

      • lum_inst.exe (PID: 7244)
      • lum_inst.tmp (PID: 932)
    • Disables trace logs

      • luminati-m-controller.exe (PID: 1400)
      • net_updater32.exe (PID: 3120)
      • rewardgum-q7fbg.exe (PID: 8348)
      • antivirus360.exe (PID: 8372)
      • perr_install_helper.exe (PID: 8644)
      • rewardgum.exe (PID: 5568)
    • Reads the time zone

      • net_updater32.exe (PID: 3120)
    • Reads CPU info

      • net_updater32.exe (PID: 3120)
      • opera.exe (PID: 8880)
      • opera.exe (PID: 10088)
    • Launching a file from a Registry key

      • pixelsee.exe (PID: 8520)
      • assistant_installer.exe (PID: 6236)
      • opera.exe (PID: 8880)
      • opera.exe (PID: 10088)
    • Manual execution by a user

      • pixelsee.exe (PID: 8616)
      • browser_assistant.exe (PID: 8768)
      • opera.exe (PID: 1504)
    • OPERA mutex has been found

      • opera.exe (PID: 8880)
      • browser_assistant.exe (PID: 6108)
      • opera.exe (PID: 10088)
      • opera_autoupdate.exe (PID: 6392)
      • opera_autoupdate.exe (PID: 6796)
    • Attempting to connect via WebSocket

      • net_updater32.exe (PID: 3120)
No Malware configuration.
No data.
All screenshots are available in the full report
Total processes: 326
Monitored processes: 178
Malicious processes: 28
Suspicious processes: 31

Behavior graph

[Behavior graph image not reproduced. The process tree starts at msedge.exe; nodes carrying threat tags: #ADWARE luminati-m-controller.exe, #ADWARE net_updater32.exe (two nodes), #MENTALMENTOR luminati-m-controller.exe, #ADWARE rewardgum.exe.]

Process information

PID | CMD | Path | Indicators | Parent process
PID: 352
CMD: \??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1
Path: C:\Windows\System32\conhost.exe
Parent process: sc.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Console Window Host
Exit code: 0
Version: 10.0.19041.1 (WinBuild.160101.0800)
Modules (images):
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll

PID: 508
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --disable-quic --message-loop-type-ui --string-annotations --always-read-main-dll --field-trial-handle=6756,i,8891569530165890070,10265804514430937682,262144 --disable-features=HttpsFirstBalancedMode,HttpsFirstModeV2,HttpsOnlyMode,HttpsUpgrades --variations-seed-version --mojo-platform-channel-handle=5932 /prefetch:8
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Version: 133.0.3065.92
Modules (images):
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll

PID: 552
CMD: C:\ProgramData\BrightData\b85f5ef603041f1fc4e7f943c177a0d440a01266\brightdata.exe --appid win_pixelsee.app
Path: C:\ProgramData\BrightData\b85f5ef603041f1fc4e7f943c177a0d440a01266\brightdata.exe
Parent process: net_updater32.exe
User: admin
Company: BrightData Ltd. (certified)
Integrity Level: MEDIUM
Description: BrightData service allows free use of certain features in an app you installed
Version: 1.617.770
Modules (images):
c:\programdata\brightdata\b85f5ef603041f1fc4e7f943c177a0d440a01266\brightdata.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\mscoree.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll

PID: 736
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3608,i,8891569530165890070,10265804514430937682,262144 --disable-features=HttpsFirstBalancedMode,HttpsFirstModeV2,HttpsOnlyMode,HttpsUpgrades --variations-seed-version --mojo-platform-channel-handle=3900 /prefetch:1
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 133.0.3065.92
Modules (images):
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll

PID: 932
CMD: "C:\Users\admin\AppData\Local\Temp\is-KFOLH.tmp\lum_inst.tmp" /SL5="$17031C,6079463,832512,C:\Users\admin\AppData\Local\Temp\luminati\lum_inst.exe" /verysilent
Path: C:\Users\admin\AppData\Local\Temp\is-KFOLH.tmp\lum_inst.tmp
Parent process: lum_inst.exe
User: admin
Company: SIA Circle Solutions
Integrity Level: HIGH
Description: Setup/Uninstall
Exit code: 101
Version: 51.1052.0.0
Modules (images):
c:\users\admin\appdata\local\temp\is-kfolh.tmp\lum_inst.tmp
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\comdlg32.dll

PID: 932
CMD: "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --no-pre-read-main-dll --force-high-res-timeticks=disabled --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-intent=on --with-feature:ai-tab-management=on --with-feature:ai-writing-mode-in-context-menu=on --with-feature:amp-requests-stats=on --with-feature:audio-analysis=on --with-feature:bluesky-in-sidebar=on --with-feature:cashback-assistant=off --with-feature:certificate-transparency-enforcement=on --with-feature:cms-tracking-rules=on --with-feature:continue-filter=on --with-feature:continue-shopping-aliexpress-cms-configuration=on --with-feature:continue-shopping-ebay-cms-configuration=on --with-feature:discord-in-sidebar=on --with-feature:domain-suggestions-competitors=on --with-feature:early-bird=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:installer-experiment-test=off --with-feature:installer-move-opera-exe=off --with-feature:installer-verify-ipc-client=off --with-feature:new-auto-pip-for-documents=on --with-feature:new-auto-pip-for-video=on --with-feature:opera-one-unskippable-introduction=on --with-feature:opera-startpage-special-2=off --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sitecheck-age=on --with-feature:slack-in-sidebar=on --with-feature:specific-keywords=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:translator=on --with-feature:vpn-pro-v4-support=on --metrics-shmem-handle=3752,i,16079067193708128013,4841896672487158925,524288 --field-trial-handle=1932,i,16705214410892448186,3333954701525410559,262144 --enable-features=AutoPictureInPictureForVideoPlayback,AutoPictureInPictureVideoHeuristics,CertificateTransparencyAskBeforeEnabling,MultiThreadedUiCompositor,NativeNotifications,PlatformSoftwareH264EncoderInGpu,SystemNotifications --disable-features=CapitalOneCashbackProtection,SkiaGraphite,SyncWorkspacesInSessions --variations-seed-version --pseudonymization-salt-handle=1936,i,10977114792653705594,10852439503860325549,4 --trace-process-track-uuid=3190709006926792172 --mojo-platform-channel-handle=3504 /prefetch:8
Path: C:\Users\admin\AppData\Local\Programs\Opera\opera.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: LOW
Description: Opera Internet Browser
Exit code: 0
Version: 131.0.5877.74
Modules (images):
c:\users\admin\appdata\local\programs\opera\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\programs\opera\131.0.5877.74\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll
c:\windows\system32\combase.dll

PID: 1400
CMD: "C:\Users\admin\PixelSee\Luminati-m\luminati-m-controller.exe" switch_on
Path: C:\Users\admin\PixelSee\Luminati-m\luminati-m-controller.exe
Parent process: lum_inst.tmp
User: admin
Company: SIA Circle Solutions
Integrity Level: HIGH
Description: PixelSee Luminati Controller
Exit code: 101
Version: 1.0.0.0
Modules (images):
c:\users\admin\pixelsee\luminati-m\luminati-m-controller.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
PID: 1504
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --pdf-upsell-enabled --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4904,i,8891569530165890070,10265804514430937682,262144 --disable-features=HttpsFirstBalancedMode,HttpsFirstModeV2,HttpsOnlyMode,HttpsUpgrades --variations-seed-version --mojo-platform-channel-handle=4928 /prefetch:2
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 1504
CMD: "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --autostart
Path: C:\Users\admin\AppData\Local\Programs\Opera\opera.exe
Parent process: explorer.exe
User: admin
Company: Opera Software
Integrity Level: MEDIUM
Description: Opera Internet Browser
Exit code: 24
Version: 131.0.5877.74
Modules
Images
c:\users\admin\appdata\local\programs\opera\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\acgenral.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
PID: 1724
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --string-annotations --always-read-main-dll --field-trial-handle=7956,i,8891569530165890070,10265804514430937682,262144 --disable-features=HttpsFirstBalancedMode,HttpsFirstModeV2,HttpsOnlyMode,HttpsUpgrades --variations-seed-version --mojo-platform-channel-handle=7840 /prefetch:8
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
Total events: 0
Read events: 0
Write events: 0
Delete events: 0

Modification events

No data
Executable files: 501
Suspicious files: 701
Text files: 974
Unknown types: 62

Dropped files

| PID | Process | Filename | Type | MD5 | SHA256 |
|---|---|---|---|---|---|
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\ClientCertificates\LOG.old~RFdfcb0.TMP | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\ClientCertificates\LOG.old | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\commerce_subscription_db\LOG.old~RFdfcb0.TMP | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\parcel_tracking_db\LOG.old~RFdfcb0.TMP | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\commerce_subscription_db\LOG.old | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\PersistentOriginTrials\LOG.old~RFdfcb0.TMP | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\parcel_tracking_db\LOG.old | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\PersistentOriginTrials\LOG.old | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\LOG.old~RFdfcbf.TMP | | | |
| 7200 | msedge.exe | C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\discounts_db\LOG.old~RFdfcbf.TMP | | | |
HTTP(S) requests: 243
TCP/UDP connections: 279
DNS requests: 201
Threats: 38

HTTP requests

| PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
| 2392 | msedge.exe | GET | 307 | 141.94.28.192:443 | https://clicktoupdservice.online/click?key=2548383a8e454e9d9485783d2cbad0e0&click_id=3772530545344429196&cost=0.0&sub_source_id=1143386_-1&country_code=LU&ip=185.221.132.206&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F133.0.0.0%20Safari%2F537.36%20Edg%2F133.0.0.0&os_type=windows&os_version=10.0&creative_id=833142&isp=EstNOC-Global&campaign_name=Pix_Pops_WW_13_05_2026&browser=Edge | FR | | | unknown |
| 2392 | msedge.exe | GET | 200 | 150.171.28.11:80 | http://edge.microsoft.com/browsernetworktime/time/1/current?cup2key=2:HZF6djvrHveZJQLN2meR5wbI0vt-o1bcsi0B9MkoKds&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 | US | text | 98 b | whitelisted |
| 2392 | msedge.exe | GET | 200 | 104.18.22.222:443 | https://copilot.microsoft.com/c/api/user/eligibility | US | text | 25 b | whitelisted |
| 2392 | msedge.exe | GET | 200 | 150.171.109.194:443 | https://api.edgeoffer.microsoft.com/edgeoffer/pb/experiments?appId=edge-extensions&country=US | US | binary | 82 b | whitelisted |
| 2392 | msedge.exe | GET | 200 | 2.16.204.146:443 | https://www.bing.com/bloomfilterfiles/ExpandedDomainsFilterGlobal.json | NL | text | 666 Kb | whitelisted |
| 2392 | msedge.exe | GET | 301 | 51.158.227.68:443 | https://pixelsee.app/desktop?r=Pix_Ad-Maven_VT_WW_13_05_2026&sub1=1143386_-1&sub2=binom_postback&sub5=3772530545344429196&sub6=d86odt9j5s8c73b4hbr0 | FR | html | 169 b | unknown |
| 2392 | msedge.exe | GET | 200 | 51.158.227.68:443 | https://pixelsee.app/desktop/?r=Pix_Ad-Maven_VT_WW_13_05_2026&sub1=1143386_-1&sub2=binom_postback&sub5=3772530545344429196&sub6=d86odt9j5s8c73b4hbr0 | FR | html | 12.6 Kb | unknown |
| 2392 | msedge.exe | GET | 200 | 51.158.227.68:443 | https://pixelsee.app/desktop/css/style.min.css | FR | text | 13.6 Kb | unknown |
| 2392 | msedge.exe | GET | 200 | 51.158.227.68:443 | https://pixelsee.app/desktop/css/baloon.min.css | FR | text | 4.01 Kb | unknown |
| 2392 | msedge.exe | GET | 200 | 51.158.227.68:443 | https://pixelsee.app/desktop/images/product/1.png | FR | image | 10.2 Kb | unknown |

Connections

| PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
| 5276 | MoUsoCoreWorker.exe | 48.209.138.189:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
| 4 | System | 192.168.100.255:137 | | Not routed | | whitelisted |
| 5632 | slui.exe | 48.192.1.65:443 | activation-v2.sls.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
| 3044 | svchost.exe | 48.209.138.189:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
| 2392 | msedge.exe | 150.171.22.17:443 | config.edge.skype.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
| 4 | System | 192.168.100.255:138 | | Not routed | | whitelisted |
| 2392 | msedge.exe | 150.171.28.11:80 | edge.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
| 2392 | msedge.exe | 65.8.131.29:80 | sanynouncem.org | AMAZON-02 | US | whitelisted |
| 2392 | msedge.exe | 150.171.28.11:443 | edge.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |
| 2392 | msedge.exe | 150.171.109.194:443 | api.edgeoffer.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | whitelisted |

DNS requests

Domain
IP
Reputation
activation-v2.sls.microsoft.com
  • 48.192.1.65
whitelisted
google.com
  • 142.251.110.139
  • 142.251.110.102
  • 142.251.110.138
  • 142.251.110.100
  • 142.251.110.101
  • 142.251.110.113
whitelisted
edge.microsoft.com
  • 150.171.28.11
  • 150.171.27.11
whitelisted
config.edge.skype.com
  • 150.171.22.17
whitelisted
sanynouncem.org
  • 65.8.131.29
  • 65.8.131.110
  • 65.8.131.61
  • 65.8.131.5
whitelisted
api.edgeoffer.microsoft.com
  • 150.171.109.194
whitelisted
copilot.microsoft.com
  • 104.18.22.222
  • 104.18.23.222
whitelisted
www.bing.com
whitelisted
clicktoupdservice.online
  • 141.94.28.192
unknown
pixelsee.app
  • 51.158.227.68
  • 51.158.216.85
  • 51.158.227.42
  • 51.158.210.107
unknown

Threats

| PID | Process | Class | Message |
|---|---|---|---|
| 3044 | svchost.exe | Unknown Traffic | ET USER_AGENTS Microsoft Dr Watson User-Agent (MSDW) |
| 2392 | msedge.exe | Misc activity | ET INFO EXE - Served Attached HTTP |
| 1400 | luminati-m-controller.exe | Misc activity | ADWARE [ANY.RUN] Bright Data SDK User-Agent in HTTP request |
| 1400 | luminati-m-controller.exe | Misc activity | ADWARE [ANY.RUN] Bright Data SDK User-Agent in HTTP request |
| 1400 | luminati-m-controller.exe | Misc activity | ADWARE [ANY.RUN] Bright Data SDK User-Agent in HTTP request |
| 1400 | luminati-m-controller.exe | Misc activity | ADWARE [ANY.RUN] Bright Data SDK User-Agent in HTTP request |
| 1400 | luminati-m-controller.exe | Misc activity | ADWARE [ANY.RUN] Bright Data SDK User-Agent in HTTP request |
| 1400 | luminati-m-controller.exe | Misc activity | ADWARE [ANY.RUN] Bright Data SDK User-Agent in HTTP request |
| 1400 | luminati-m-controller.exe | Misc activity | ADWARE [ANY.RUN] Bright Data SDK User-Agent in HTTP request |
| 1400 | luminati-m-controller.exe | Misc activity | ADWARE [ANY.RUN] Bright Data SDK User-Agent in HTTP request |
| Process | Message |
|---|---|
| pixelsee.exe | `> __thiscall Application::Application(int &,char *[])` |
| pixelsee.exe | `os version: "10.0.19045v" __ os name: "Windows 10 Version 2009"` |
| pixelsee.exe | `> int __thiscall Application::exec(void)` |
| pixelsee.exe | `> __thiscall PixelseeSettings::PixelseeSettings(void)` |
| pixelsee.exe | `INSTALL ID: "" _ OLD ID: ""` |
| pixelsee.exe | `> void __thiscall PixelseeSettings::flushSettings(void)` |
| pixelsee.exe | `reseller - "" installId ""` |
| pixelsee.exe | `main libvlc debug: min period: 1 ms, max period: 1000000 ms` |
| pixelsee.exe | `main libvlc debug: searching plug-in modules` |
| pixelsee.exe | `main libvlc debug: configured with /home/jenkins/workspace/vlc-release/windows/vlc-release-win32-x86/extras/package/win32/../../../configure '--enable-update-check' '--enable-lua' '--enable-faad' '--enable-flac' '--enable-theora' '--enable-avcodec' '--enable-merge-ffmpeg' '--enable-dca' '--enable-mpc' '--enable-libass' '--enable-schroedinger' '--enable-realrtsp' '--enable-live555' '--enable-shout' '--enable-goom' '--enable-sse' '--enable-mmx' '--enable-libcddb' '--enable-zvbi' '--disable-telx' '--enable-nls' '--host=i686-w64-mingw32' '--with-contrib=../contrib/i686-w64-mingw32' '--with-breakpad=https://win.crashes.videolan.org' '--enable-qt' '--enable-skins2' '--enable-dvdread' '--enable-caca' 'host_alias=i686-w64-mingw32' 'CFLAGS= ' 'CXXFLAGS= ' 'PKG_CONFIG=pkg-config' 'PKG_CONFIG_LIBDIR=/usr/i686-w64-mingw32/lib/pkgconfig:/usr/lib/i686-w64-mingw32/pkgconfig'` |