URL: https://7launcher.com/gta-v/?lang=en

Full analysis: https://app.any.run/tasks/89e339b6-c8ad-4f2f-a012-d2995dd52b61
Verdict: Malicious activity
Threats:

A loader is malicious software that infiltrates devices to deliver malicious payloads. This malware is capable of infecting victims’ computers, analyzing their system information, and installing other types of threats, such as trojans or stealers. Criminals usually deliver loaders through phishing emails and links by relying on social engineering to trick users into downloading and running their executables. Loaders employ advanced evasion and persistence tactics to avoid detection.

Analysis date: January 29, 2025, 20:57:49
OS: Windows 10 Professional (build: 19045, 64 bit)
Tags: loader, bittorrent, delphi
Indicators:
MD5: A78A1D26A8DD02EC70BADAF952F3784F
SHA1: 8AF6A8F8B6D7CE1ACA9CC9890FCC4462F8BC8202
SHA256: 74B0D679B17C1FEDF10A847D2A36373BEDA2F057FCAAB3A0B524215EDE4FF025
SSDEEP: 3:N80aAi7waQbun:2N7wapn

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • BITTORRENT has been detected (SURICATA)

      • aria2c.exe (PID: 3780)
  • SUSPICIOUS

    • Creates file in the systems drive root

      • explorer.exe (PID: 4488)
    • Executable content was dropped or overwritten

      • 7l_gta-v_latest_setup.exe (PID: 1064)
      • 7l_gta-v_latest_setup.exe (PID: 3436)
      • 7l_gta-v_latest_setup.tmp (PID: 6068)
      • Run_GTAV.exe (PID: 5556)
    • Reads security settings of Internet Explorer

      • 7l_gta-v_latest_setup.tmp (PID: 2136)
      • 7l_gta-v_latest_setup.tmp (PID: 6068)
      • Run_GTAV.exe (PID: 5556)
    • Reads the Windows owner or organization settings

      • 7l_gta-v_latest_setup.tmp (PID: 6068)
    • Starts CMD.EXE for commands execution

      • 7l_gta-v_latest_setup.tmp (PID: 6068)
    • Uses TASKKILL.EXE to kill process

      • 7l_gta-v_latest_setup.tmp (PID: 6068)
    • Uses NETSH.EXE to add a firewall rule or allowed programs

      • cmd.exe (PID: 5568)
    • Reads Microsoft Outlook installation path

      • Run_GTAV.exe (PID: 5556)
    • Reads Internet Explorer settings

      • Run_GTAV.exe (PID: 5556)
    • Checks Windows Trust Settings

      • Run_GTAV.exe (PID: 5556)
    • There is functionality for taking screenshot (YARA)

      • Run_GTAV.exe (PID: 5556)
    • Process requests binary or script from the Internet

      • Run_GTAV.exe (PID: 5556)
    • Potential Corporate Privacy Violation

      • aria2c.exe (PID: 3780)
    • Connects to unusual port

      • aria2c.exe (PID: 3780)
  • INFO

    • Reads security settings of Internet Explorer

      • explorer.exe (PID: 4488)
    • Executable content was dropped or overwritten

      • chrome.exe (PID: 6344)
    • Reads the software policy settings

      • explorer.exe (PID: 4488)
      • Run_GTAV.exe (PID: 5556)
    • Application launched itself

      • chrome.exe (PID: 6344)
      • msedge.exe (PID: 6336)
      • msedge.exe (PID: 2008)
      • msedge.exe (PID: 5560)
    • Checks proxy server information

      • explorer.exe (PID: 4488)
      • Run_GTAV.exe (PID: 5556)
    • Creates files or folders in the user directory

      • explorer.exe (PID: 4488)
      • Run_GTAV.exe (PID: 5556)
    • Checks supported languages

      • 7l_gta-v_latest_setup.exe (PID: 1064)
      • 7l_gta-v_latest_setup.exe (PID: 3436)
      • 7l_gta-v_latest_setup.tmp (PID: 6068)
      • Run_GTAV.exe (PID: 5556)
      • aria2c.exe (PID: 3780)
      • identity_helper.exe (PID: 7028)
      • 7l_gta-v_latest_setup.tmp (PID: 2136)
    • Reads the computer name

      • 7l_gta-v_latest_setup.tmp (PID: 2136)
      • 7l_gta-v_latest_setup.tmp (PID: 6068)
      • 7l_gta-v_latest_setup.exe (PID: 3436)
      • Run_GTAV.exe (PID: 5556)
      • aria2c.exe (PID: 3780)
      • identity_helper.exe (PID: 7028)
    • Process checks computer location settings

      • 7l_gta-v_latest_setup.tmp (PID: 2136)
      • 7l_gta-v_latest_setup.tmp (PID: 6068)
    • Create files in a temporary directory

      • 7l_gta-v_latest_setup.exe (PID: 1064)
      • 7l_gta-v_latest_setup.exe (PID: 3436)
      • 7l_gta-v_latest_setup.tmp (PID: 6068)
    • Creates files in the program directory

      • 7l_gta-v_latest_setup.tmp (PID: 6068)
      • Run_GTAV.exe (PID: 5556)
      • aria2c.exe (PID: 3780)
    • Creates a software uninstall entry

      • 7l_gta-v_latest_setup.tmp (PID: 6068)
    • The sample compiled with english language support

      • 7l_gta-v_latest_setup.tmp (PID: 6068)
      • Run_GTAV.exe (PID: 5556)
    • Process checks whether UAC notifications are on

      • Run_GTAV.exe (PID: 5556)
    • Reads the machine GUID from the registry

      • Run_GTAV.exe (PID: 5556)
      • aria2c.exe (PID: 3780)
    • Compiled with Borland Delphi (YARA)

      • Run_GTAV.exe (PID: 5556)
    • Reads Environment values

      • identity_helper.exe (PID: 7028)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
All screenshots are available in the full report
Total processes: 205
Monitored processes: 75
Malicious processes: 4
Suspicious processes: 1

Behavior graph (interactive in the full report; only the process names are recoverable here, in the order shown): chrome.exe with many child chrome.exe processes, rundll32.exe, explorer.exe, 7l_gta-v_latest_setup.exe, 7l_gta-v_latest_setup.tmp, 7l_gta-v_latest_setup.exe, 7l_gta-v_latest_setup.tmp, taskkill.exe, conhost.exe, run_gtav.exe, cmd.exe, conhost.exe, netsh.exe (4 instances), aria2c.exe (#BITTORRENT), conhost.exe, msedge.exe with many child msedge.exe processes, identity_helper.exe (2 instances).

Process information

Fields per process: PID, CMD, Path, Indicators, Parent process
PID: 420
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2548 --field-trial-handle=2340,i,17617321765698847591,7825365052790459467,262144 --variations-seed-version /prefetch:3
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
PID: 540
CMD: netsh advfirewall firewall add rule name="7Launcher P2P In" dir=in action=allow program="C:\Program Files\GTA V\7launcher\tools\aria2\aria2c.exe" description="7Launcher P2P In" enable=yes profile=any edge=yes interfacetype=any
Path: C:\Windows\System32\netsh.exe
Parent process: cmd.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Network Command Shell
Exit code: 0
Version: 10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\netsh.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
PID: 648
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4872 --field-trial-handle=2416,i,1581735379414894940,4119205758754360319,262144 --variations-seed-version /prefetch:8
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 876
CMD: "taskkill.exe" /f /im "Run_GTAV.exe"
Path: C:\Windows\System32\taskkill.exe
Parent process: 7l_gta-v_latest_setup.tmp
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Terminates Processes
Exit code: 128
Version: 10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\taskkill.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
PID: 876
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2320 --field-trial-handle=2340,i,17617321765698847591,7825365052790459467,262144 --variations-seed-version /prefetch:2
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
PID: 1064
CMD: "C:\Users\admin\Downloads\7l_gta-v_latest_setup.exe"
Path: C:\Users\admin\Downloads\7l_gta-v_latest_setup.exe
Parent process: explorer.exe
User: admin
Company: SE7EN Solutions
Integrity Level: MEDIUM
Description: 7Launcher - GTA 5 Setup
Exit code: 0
Version: 1.5.6
Modules
Images
c:\users\admin\downloads\7l_gta-v_latest_setup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\comctl32.dll
PID: 1144
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4868 --field-trial-handle=2416,i,1581735379414894940,4119205758754360319,262144 --variations-seed-version /prefetch:8
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 1328
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5508 --field-trial-handle=2312,i,13092375669015010032,11525314223683788610,262144 --variations-seed-version /prefetch:1
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 1488
CMD: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2520 --field-trial-handle=2312,i,13092375669015010032,11525314223683788610,262144 --variations-seed-version /prefetch:3
Path: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Microsoft Edge
Exit code: 0
Version: 122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 1792
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --disable-quic --no-appcompat-clear --mojo-platform-channel-handle=5208 --field-trial-handle=1912,i,17095870920300690972,12841809025072091873,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version /prefetch:8
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: LOW
Description: Google Chrome
Exit code: 0
Version: 122.0.6261.70
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\aclayers.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
Total events: 33 254
Read events: 33 112
Write events: 128
Delete events: 14

Modification events

(PID) Process: (6344) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write
Name: failed_count
Value:
0
(PID) Process: (6344) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write
Name: state
Value:
2
(PID) Process: (6344) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write
Name: state
Value:
1
(PID) Process: (6344) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\StabilityMetrics
Operation: write
Name: user_experience_metrics.stability.exited_cleanly
Value:
0
(PID) Process: (6344) chrome.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
Operation: write
Name: usagestats
Value:
0
(PID) Process: (4488) explorer.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000602AE
Operation: write
Name: VirtualDesktop
Value:
1000000030304456A48A294F7A40804AB924005FF030B61F
(PID) Process: (4488) explorer.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppBadgeUpdated
Operation: write
Name: Chrome
Value:
6
(PID) Process: (5788) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
Operation: write
Name: {2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF
Value:
01000000000000007A7B9A879072DB01
(PID) Process: (4488) explorer.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
Operation: write
Name: NodeSlots
Value:
02020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202
(PID) Process: (4488) explorer.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
Operation: write
Name: MRUListEx
Value:
040000000E0000000300000000000000100000000F0000000C0000000D0000000B000000050000000A000000090000000800000001000000070000000600000002000000FFFFFFFF
Executable files: 30
Suspicious files: 258
Text files: 97
Unknown types: 1

Dropped files

Columns: PID | Process | Filename (Type, MD5 and SHA256 were not captured for these rows)
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\chrome_cart_db\LOG.old~RF138ade.TMP
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old~RF138ade.TMP
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\chrome_cart_db\LOG.old
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\parcel_tracking_db\LOG.old~RF138ade.TMP
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\parcel_tracking_db\LOG.old
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\discounts_db\LOG.old~RF138ade.TMP
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\discounts_db\LOG.old
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\coupon_db\LOG.old~RF138aee.TMP
MD5:
SHA256:
6344 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\coupon_db\LOG.old
MD5:
SHA256:
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests: 26
TCP/UDP connections: 225
DNS requests: 218
Threats: 23

HTTP requests

Columns: PID | Process | Method | HTTP Code | IP | URL | CN | Reputation (Type and Size were not captured for these rows; "-" marks a field that is missing from the extracted row)
4712 | MoUsoCoreWorker.exe | GET | 200 | 2.18.121.147:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl | unknown | whitelisted
4488 | explorer.exe | GET | 200 | 151.101.38.133:80 | http://ocsp.globalsign.com/rootr3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT1nGh%2FJBjWKnkPdZIzB1bqhelHBwQUj%2FBLf6guRSSuTVD6Y5qL3uLdG7wCEHgDGEJFcIpBz28BuO60qVQ%3D | unknown | whitelisted
4488 | explorer.exe | GET | 200 | 151.101.38.133:80 | http://ocsp.globalsign.com/codesigningrootr45/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQVFZP5vqhCrtRN5SWf40Rn6NM1IAQUHwC%2FRoAK%2FHg5t6W0Q9lWULvOljsCEHe9DgW3WQu2HUdhUx4%2Fde0%3D | unknown | whitelisted
4488 | explorer.exe | GET | 200 | 151.101.38.133:80 | http://ocsp.globalsign.com/gsgccr45evcodesignca2020/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQaCbVYh07WONuW4e63Ydlu4AlbDAQUJZ3Q%2FFkJhmPF7POxEztXHAOSNhECDDbEJF4Z6ebz5Pml5A%3D%3D | unknown | whitelisted
5556 | Run_GTAV.exe | GET | 200 | 188.114.97.0:80 | http://updater.se7enkills.net/gtav/en/ | unknown | whitelisted
5556 | Run_GTAV.exe | GET | 200 | 188.114.97.0:80 | http://updater.se7enkills.net/gtav/inf.ini | unknown | whitelisted
5064 | SearchApp.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D | unknown | whitelisted
5556 | Run_GTAV.exe | GET | 200 | 188.114.97.0:80 | http://updater.se7enkills.net/tools/aria2/aria2.conf | unknown | whitelisted
5556 | Run_GTAV.exe | GET | - | 188.114.97.0:80 | http://updater.se7enkills.net/images/eng/stalker-2-dl.png | unknown | whitelisted
5556 | Run_GTAV.exe | GET | 200 | 188.114.97.0:80 | http://updater.se7enkills.net/images/eng/stalker-2-dl.png | unknown | whitelisted

Connections

Columns: PID | Process | IP | Domain | ASN | CN | Reputation ("-" marks a field that is missing from the extracted row)
4712 | MoUsoCoreWorker.exe | 2.18.121.147:80 | - | AKAMAI-AS | FR | unknown
2220 | svchost.exe | 2.18.121.147:80 | - | AKAMAI-AS | FR | unknown
4712 | MoUsoCoreWorker.exe | 23.200.189.225:80 | www.microsoft.com | Moratelindo Internet Exchange Point | ID | whitelisted
2220 | svchost.exe | 23.200.189.225:80 | www.microsoft.com | Moratelindo Internet Exchange Point | ID | whitelisted
4 | System | 192.168.100.255:138 | - | - | - | whitelisted
4712 | MoUsoCoreWorker.exe | 40.127.240.158:443 | - | MICROSOFT-CORP-MSN-AS-BLOCK | IE | unknown
- | - | 2.23.227.208:443 | - | Ooredoo Q.S.C. | QA | unknown
2220 | svchost.exe | 40.127.240.158:443 | - | MICROSOFT-CORP-MSN-AS-BLOCK | IE | unknown
6576 | chrome.exe | 188.114.97.0:443 | 7launcher.com | CLOUDFLARENET | NL | whitelisted
6344 | chrome.exe | 239.255.255.250:1900 | - | - | - | whitelisted

DNS requests

Columns: Domain | IP | Reputation
www.microsoft.com | 23.200.189.225 | whitelisted
7launcher.com | 188.114.97.0 | whitelisted
accounts.google.com | 142.250.102.84 | whitelisted
pagead2.googlesyndication.com | 142.251.39.98 | whitelisted
cdn.onesignal.com | 104.17.111.223 | whitelisted
www.googletagmanager.com | 142.251.36.8 | whitelisted
fonts.gstatic.com | 172.217.168.227 | whitelisted
googleads.g.doubleclick.net | 142.251.36.2 | whitelisted
www.google.com | 142.251.36.36 | whitelisted
cackle.me | 95.213.129.125 | unknown

Threats

Columns: PID | Process | Class | Message
3780 | aria2c.exe | Potential Corporate Privacy Violation | ET P2P Possible Torrent Download via HTTP Request
3780 | aria2c.exe | Potential Corporate Privacy Violation | ET P2P BitTorrent - Torrent File Downloaded
3780 | aria2c.exe | A Network Trojan was detected | ET USER_AGENTS Aria2 User-Agent
3780 | aria2c.exe | Misc activity | INFO [ANY.RUN] P2P BitTorrent Protocol
3780 | aria2c.exe | A Network Trojan was detected | ET USER_AGENTS Aria2 User-Agent
3780 | aria2c.exe | A Network Trojan was detected | ET USER_AGENTS Aria2 User-Agent
3780 | aria2c.exe | A Network Trojan was detected | ET USER_AGENTS Aria2 User-Agent
3780 | aria2c.exe | A Network Trojan was detected | ET USER_AGENTS Aria2 User-Agent
3780 | aria2c.exe | Potential Corporate Privacy Violation | GPL P2P BitTorrent announce request
3780 | aria2c.exe | A Network Trojan was detected | ET USER_AGENTS Aria2 User-Agent
No debug info