File name: BraveBrowserSetup-BRV010.exe

Full analysis: https://app.any.run/tasks/2ee5646e-3a2b-4c5f-acca-a3018bbcace3
Verdict: Malicious activity
Analysis date: August 02, 2024, 09:17:34
OS: Windows 10 Professional (build: 19045, 64 bit)
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: 72F2ACA87DB84E4A9E7B57074EBB05B4
SHA1: 9548FAE2813E6377B6176CF7676FD6D08C91517C
SHA256: 73386710B5F63ED953C8C562750816D64738E26D33899FBBD4D5ED75770B1F52
SSDEEP: 49152:YtxPvUplQnLYpsZ1xSx4my1oaxRm+E5mjdij6z5rZv7LofTPr0Y2UiFP7JIPE76T:Y8pqMu44myNxRdqm5O6zJlLofUACPSuj

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • BraveBrowserSetup-BRV010.exe (PID: 6428)
      • BraveUpdateSetup.exe (PID: 6584)
      • BraveUpdate.exe (PID: 6716)
    • Scans artifacts that could help determine the target

      • BraveUpdate.exe (PID: 6976)
  • SUSPICIOUS

    • Reads the date of Windows installation

      • BraveUpdate.exe (PID: 6452)
      • BraveUpdate.exe (PID: 6716)
    • Executable content was dropped or overwritten

      • BraveBrowserSetup-BRV010.exe (PID: 6428)
      • BraveUpdateSetup.exe (PID: 6584)
      • BraveUpdate.exe (PID: 6716)
    • Reads security settings of Internet Explorer

      • BraveUpdate.exe (PID: 6452)
      • BraveUpdate.exe (PID: 6716)
      • BraveUpdate.exe (PID: 6976)
    • Disables SEHOP

      • BraveUpdate.exe (PID: 6716)
    • Starts itself from another location

      • BraveUpdate.exe (PID: 6716)
    • Creates/Modifies COM task schedule object

      • BraveUpdateComRegisterShell64.exe (PID: 6828)
      • BraveUpdate.exe (PID: 6796)
      • BraveUpdateComRegisterShell64.exe (PID: 6856)
      • BraveUpdateComRegisterShell64.exe (PID: 6884)
    • Executes as Windows Service

      • BraveUpdate.exe (PID: 7020)
  • INFO

    • Checks supported languages

      • BraveUpdateSetup.exe (PID: 6584)
      • BraveBrowserSetup-BRV010.exe (PID: 6428)
      • BraveUpdate.exe (PID: 6452)
      • BraveUpdate.exe (PID: 6716)
      • BraveUpdate.exe (PID: 6760)
      • BraveUpdate.exe (PID: 6796)
      • BraveUpdateComRegisterShell64.exe (PID: 6828)
      • BraveUpdateComRegisterShell64.exe (PID: 6856)
      • BraveUpdateComRegisterShell64.exe (PID: 6884)
      • BraveUpdate.exe (PID: 6916)
      • BraveUpdate.exe (PID: 6976)
      • BraveUpdate.exe (PID: 7020)
    • Create files in a temporary directory

      • BraveBrowserSetup-BRV010.exe (PID: 6428)
      • BraveUpdate.exe (PID: 7020)
    • Process checks computer location settings

      • BraveUpdate.exe (PID: 6452)
      • BraveUpdate.exe (PID: 6716)
    • Reads the computer name

      • BraveUpdate.exe (PID: 6452)
      • BraveUpdate.exe (PID: 6716)
      • BraveUpdate.exe (PID: 6796)
      • BraveUpdateComRegisterShell64.exe (PID: 6828)
      • BraveUpdateComRegisterShell64.exe (PID: 6856)
      • BraveUpdateComRegisterShell64.exe (PID: 6884)
      • BraveUpdate.exe (PID: 6916)
      • BraveUpdate.exe (PID: 6760)
      • BraveUpdate.exe (PID: 6976)
      • BraveUpdate.exe (PID: 7020)
    • Creates files in the program directory

      • BraveUpdate.exe (PID: 6716)
      • BraveUpdate.exe (PID: 7020)
    • Checks proxy server information

      • BraveUpdate.exe (PID: 6916)
      • BraveUpdate.exe (PID: 6976)
    • Reads the software policy settings

      • BraveUpdate.exe (PID: 6916)
      • BraveUpdate.exe (PID: 7020)
No Malware configuration.

TRiD

.exe | Win64 Executable (generic) (64.6)
.dll | Win32 Dynamic Link Library (generic) (15.4)
.exe | Win32 Executable (generic) (10.5)
.exe | Generic Win/DOS Executable (4.6)
.exe | DOS Executable Generic (4.6)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2024:07:31 05:45:09+00:00
ImageFileCharacteristics: Executable, Large address aware, 32-bit
PEType: PE32
LinkerVersion: 14.4
CodeSize: 105984
InitializedDataSize: 1149440
UninitializedDataSize: -
EntryPoint: 0x6f17
OSVersion: 5.1
ImageVersion: -
SubsystemVersion: 5.1
Subsystem: Windows GUI
FileVersionNumber: 1.3.361.151
ProductVersionNumber: 1.3.361.151
FileFlagsMask: 0x003f
FileFlags: Private build
FileOS: Windows NT 32-bit
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Unicode
CompanyName: BraveSoftware Inc.
FileDescription: BraveSoftware Update Setup
FileVersion: 1.3.361.151
InternalName: BraveSoftware Update Setup
OriginalFileName: BraveUpdateSetup.exe
ProductName: BraveSoftware Update
ProductVersion: 1.3.361.151
LanguageId: en
PrivateBuild: -
No data.
Total processes: 129
Monitored processes: 12
Malicious processes: 5
Suspicious processes: 0

Behavior graph

start bravebrowsersetup-brv010.exe braveupdate.exe no specs braveupdatesetup.exe braveupdate.exe braveupdate.exe no specs braveupdate.exe no specs braveupdatecomregistershell64.exe no specs braveupdatecomregistershell64.exe no specs braveupdatecomregistershell64.exe no specs braveupdate.exe braveupdate.exe no specs braveupdate.exe

Process information

PID
CMD
Path
Indicators
Parent process
PID: 6428
CMD: "C:\Users\admin\AppData\Local\Temp\BraveBrowserSetup-BRV010.exe"
Path: C:\Users\admin\AppData\Local\Temp\BraveBrowserSetup-BRV010.exe
Parent process: explorer.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: MEDIUM
Description: BraveSoftware Update Setup
Version: 1.3.361.151
Modules
Images
c:\users\admin\appdata\local\temp\bravebrowsersetup-brv010.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\shlwapi.dll
PID: 6452
CMD: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdate.exe /installsource taggedmi /install "appguid={AFE6A462-C574-4B8A-AF43-4CC60DF4563B}&appname=Brave-Release&needsadmin=prefers&ap=release&installdataindex=default&referral=none"
Path: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdate.exe
Parent process: BraveBrowserSetup-BRV010.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: MEDIUM
Description: BraveSoftware Update
Version: 1.3.361.151
Modules
Images
c:\users\admin\appdata\local\temp\gum501f.tmp\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
PID: 6584
CMD: "C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdateSetup.exe" /installsource taggedmi /install "appguid={AFE6A462-C574-4B8A-AF43-4CC60DF4563B}&appname=Brave-Release&needsadmin=prefers&ap=release&installdataindex=default&referral=none" /installelevated /nomitag
Path: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdateSetup.exe
Parent process: BraveUpdate.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: HIGH
Description: BraveSoftware Update Setup
Version: 1.3.361.151
Modules
Images
c:\users\admin\appdata\local\temp\gum501f.tmp\braveupdatesetup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\shlwapi.dll
PID: 6716
CMD: C:\WINDOWS\SystemTemp\GUM557F.tmp\BraveUpdate.exe /installsource taggedmi /install "appguid={AFE6A462-C574-4B8A-AF43-4CC60DF4563B}&appname=Brave-Release&needsadmin=prefers&ap=release&installdataindex=default&referral=none" /installelevated
Path: C:\Windows\SystemTemp\GUM557F.tmp\BraveUpdate.exe
Parent process: BraveUpdateSetup.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: HIGH
Description: BraveSoftware Update
Version: 1.3.361.151
Modules
Images
c:\windows\systemtemp\gum557f.tmp\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
PID: 6760
CMD: "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /regsvc
Path: C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
Parent process: BraveUpdate.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: HIGH
Description: BraveSoftware Update
Exit code: 0
Version: 1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
PID: 6796
CMD: "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /regserver
Path: C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
Parent process: BraveUpdate.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: HIGH
Description: BraveSoftware Update
Exit code: 0
Version: 1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
PID: 6828
CMD: "C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe"
Path: C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe
Parent process: BraveUpdate.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: HIGH
Description: BraveSoftware Update
Exit code: 0
Version: 1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\1.3.361.151\braveupdatecomregistershell64.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
PID: 6856
CMD: "C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe"
Path: C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe
Parent process: BraveUpdate.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: HIGH
Description: BraveSoftware Update
Exit code: 0
Version: 1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\1.3.361.151\braveupdatecomregistershell64.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
PID: 6884
CMD: "C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe"
Path: C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveUpdateComRegisterShell64.exe
Parent process: BraveUpdate.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: HIGH
Description: BraveSoftware Update
Exit code: 0
Version: 1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\1.3.361.151\braveupdatecomregistershell64.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
PID: 6916
CMD: "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /ping 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-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSIxMDMxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
Path: C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
Parent process: BraveUpdate.exe
User: admin
Company: BraveSoftware Inc.
Integrity Level: HIGH
Description: BraveSoftware Update
Exit code: 0
Version: 1.3.361.151
Modules
Images
c:\program files (x86)\bravesoftware\update\braveupdate.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
Total events: 8 142
Read events: 7 697
Write events: 380
Delete events: 65

Modification events

Process: BraveBrowserSetup-BRV010.exe (PID: 6428)
Key: HKEY_CURRENT_USER\SOFTWARE\BraveSoftware\Promo
Operation: write
Name: StubInstallerPath
Value: C:\Users\admin\AppData\Local\Temp\BraveBrowserSetup-BRV010.exe

Process: BraveUpdate.exe (PID: 6716)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation: write
Name: path
Value: C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe

Process: BraveUpdate.exe (PID: 6716)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation: write
Name: UninstallCmdLine
Value: "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /uninstall

Process: BraveUpdate.exe (PID: 6716)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\Clients\{B131C935-9BE6-41DA-9599-1F776BEB8019}
Operation: write
Name: pv
Value: 1.3.361.151

Process: BraveUpdate.exe (PID: 6716)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\Clients\{B131C935-9BE6-41DA-9599-1F776BEB8019}
Operation: write
Name: name
Value: Brave Update

Process: BraveUpdate.exe (PID: 6716)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update\ClientState\{B131C935-9BE6-41DA-9599-1F776BEB8019}
Operation: write
Name: pv
Value: 1.3.361.151

Process: BraveUpdate.exe (PID: 6716)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BraveUpdate.exe
Operation: write
Name: DisableExceptionChainValidation
Value: 0

Process: BraveUpdate.exe (PID: 6716)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation: write
Name: brave_task_name_c
Value: BraveSoftwareUpdateTaskMachineCore{E4FC4481-722B-45DD-B113-87C30F4F8C43}

Process: BraveUpdate.exe (PID: 6716)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation: write
Name: brave_task_name_ua
Value: BraveSoftwareUpdateTaskMachineUA{A4C8DC05-BA7B-4FD3-A209-9DEBF4CEBCA8}

Process: BraveUpdate.exe (PID: 6760)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\BraveSoftware\Update
Operation: delete value
Name: uid
Value:
Executable files: 216
Suspicious files: 0
Text files: 0
Unknown types: 0

Dropped files

PID
Process
Filename
Type
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdateBroker.exe
Type: executable
MD5:A187168C161D9EEFA6BAEA7C3D17A915
SHA256:7A0CEAA6E20B3646D153643DF02A341E7C1DC4B6B5D84257AC86640FDF46BF47
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\psmachine.dll
Type: executable
MD5:6E36AFC2158FDBE0FD58D2CE0B4611D3
SHA256:56B4F606A8FAB01E568DB69A5D3974B9FD4E6B7B69171CA05AB42E492A7B8A2F
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveCrashHandlerArm64.exe
Type: executable
MD5:5131B7F38A2A6F88128701CC834C50E8
SHA256:CF0B17CB0D1DF36501FB6BE36E93181DC5B49E28CCA165D8C3C382C7BC7FD748
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\goopdate.dll
Type: executable
MD5:F335401815D03F9D5CF1254DB3949BA1
SHA256:E666CA9BFB3122E2D5BEEC916E80E417C96255FD0585425213DE799B1A2D0D86
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdate.exe
Type: executable
MD5:EF5EEEB82F9BA11EF3B0CFB95B4F08A6
SHA256:F3289FBF1B518EBC6AA63AE3D7F918245A9E2919799EC6D3A1C4CDA8468DED6F
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveCrashHandler.exe
Type: executable
MD5:AA6DF806C69D35D55642ADDC80A125D4
SHA256:62B3170815C9405F1D349B64BD7AF79DF8D5B7EDC5E508639FC09EE2B73A60F8
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdateOnDemand.exe
Type: executable
MD5:FFC04CAF929E88174407B113C1EC34AD
SHA256:7EBEB1BE2B45449F40388672F2245F2A20A0D0F9C31963BDC132EC4B0327475B
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdateComRegisterShellArm64.exe
Type: executable
MD5:9F7658CD4624C4F94A06C00D25A383AC
SHA256:6ADA54D6A6650D8EFB0FC36D2EBCC95B586E969F159E47C1A3D843BDBEFBD722
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\BraveUpdateCore.exe
Type: executable
MD5:538BA6B2719DF03B8B0881D236B2C00E
SHA256:B6B155BEBB89B001D30B5DC6BA41423C4BB128A70941BD8047588AE2BE954B98
PID: 6428
Process: BraveBrowserSetup-BRV010.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM501F.tmp\psuser.dll
Type: executable
MD5:A5819370ABEABDA6EBEAF502BC3B44DB
SHA256:9B4DAFC4972DD8BF32308D1C2B7D2BE11C24702B1C0A8DEEBA7364C86EF7D2F8
HTTP(S) requests: 0
TCP/UDP connections: 10
DNS requests: 6
Threats: 0

HTTP requests

No HTTP requests

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
3140 | svchost.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted
3188 | RUXIMICS.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted
2120 | MoUsoCoreWorker.exe | 4.231.128.59:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | whitelisted
4 | System | 192.168.100.255:138 | - | - | - | whitelisted
3888 | svchost.exe | 239.255.255.250:1900 | - | - | - | whitelisted
6916 | BraveUpdate.exe | 13.32.121.124:443 | updates.bravesoftware.com | AMAZON-02 | US | unknown
7020 | BraveUpdate.exe | 13.32.121.124:443 | updates.bravesoftware.com | AMAZON-02 | US | unknown
7020 | BraveUpdate.exe | 18.239.69.37:443 | updates-cdn.bravesoftware.com | - | US | unknown
4 | System | 192.168.100.255:137 | - | - | - | whitelisted

DNS requests

Domain | IP | Reputation
settings-win.data.microsoft.com | 4.231.128.59 | whitelisted
google.com | 142.250.185.238 | whitelisted
updates.bravesoftware.com | 13.32.121.124, 13.32.121.6, 13.32.121.47, 13.32.121.70 | shared
dl.brave.com | - | whitelisted
updates-cdn.bravesoftware.com | 18.239.69.37, 18.239.69.15, 18.239.69.86, 18.239.69.129 | whitelisted

Threats

No threats detected
No debug info