File name:

PrimoCache.Setup.3.0.2.exe

Full analysis: https://app.any.run/tasks/a84c427d-36b2-4674-b5a9-1ce9540278c8
Verdict: Malicious activity
Analysis date: August 30, 2024, 17:17:01
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

D9DA2D989EC9FBBC5D9B59F51772FC8B

SHA1:

F9C333991B0521E45034AF6359E23C76C2B0CB32

SHA256:

78B7E80E6F72D9F482A06720C0DA384F41634BD5D35519B7A42856EFEF4DD2A2

SSDEEP:

98304:egjGV3VFX70tgMX10a3DSkuP9TJwhjsSn5xZ8GUXiQ0cLX0Wc/xR9T9uxOQUuP2v:9GV3VF62vTCfajPA

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Drops the executable file immediately after the start

      • PrimoCache.Setup.3.0.2.exe (PID: 6900)
      • PrimoCache.Setup.3.0.2.exe (PID: 5712)
      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)
      • fcsetup.exe (PID: 1292)

    • Reads security settings of Internet Explorer

      • PrimoCache.Setup.3.0.2.tmp (PID: 6196)

    • Executable content was dropped or overwritten

      • PrimoCache.Setup.3.0.2.exe (PID: 6900)
      • PrimoCache.Setup.3.0.2.exe (PID: 5712)
      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)
      • fcsetup.exe (PID: 1292)

    • Reads the date of Windows installation

      • PrimoCache.Setup.3.0.2.tmp (PID: 6196)

    • Reads the Windows owner or organization settings

      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)

    • Creates files in the driver directory

      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)
      • fcsetup.exe (PID: 1292)

    • Starts SC.EXE for service management

      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)

    • Drops a system driver (possible attempt to evade defenses)

      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)
      • fcsetup.exe (PID: 1292)

    • The process executes via Task Scheduler

      • PLUGScheduler.exe (PID: 2392)

  • INFO

    • Checks supported languages

      • PrimoCache.Setup.3.0.2.exe (PID: 6900)
      • PrimoCache.Setup.3.0.2.tmp (PID: 6196)
      • PrimoCache.Setup.3.0.2.exe (PID: 5712)
      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)
      • fcsetup.exe (PID: 1292)
      • PLUGScheduler.exe (PID: 2392)

    • Reads the computer name

      • PrimoCache.Setup.3.0.2.tmp (PID: 6196)
      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)
      • PrimoCache.Setup.3.0.2.exe (PID: 6900)
      • PLUGScheduler.exe (PID: 2392)
      • fcsetup.exe (PID: 1292)

    • Create files in a temporary directory

      • PrimoCache.Setup.3.0.2.exe (PID: 6900)
      • PrimoCache.Setup.3.0.2.exe (PID: 5712)
      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)

    • Process checks computer location settings

      • PrimoCache.Setup.3.0.2.tmp (PID: 6196)

    • Creates files in the program directory

      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)
      • PLUGScheduler.exe (PID: 2392)

    • Creates a software uninstall entry

      • PrimoCache.Setup.3.0.2.tmp (PID: 7096)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable Delphi generic (57.2)
.exe | Win32 Executable (generic) (18.2)
.exe | Win16/32 Executable Delphi generic (8.3)
.exe | Generic Win/DOS Executable (8)
.exe | DOS Executable Generic (8)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2016:04:06 14:39:04+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 66560
InitializedDataSize: 349696
UninitializedDataSize: -
EntryPoint: 0x117dc
OSVersion: 5
ImageVersion: 6
SubsystemVersion: 5
Subsystem: Windows GUI
FileVersionNumber: 3.0.2.0
ProductVersionNumber: 3.0.2.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: This installation was built with Inno Setup.
CompanyName: Romex Software
FileDescription: PrimoCache Setup
FileVersion: 3.0.2
LegalCopyright: Copyright© Romex Software
ProductName: PrimoCache
ProductVersion: 3.0.2
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
246
Monitored processes
9
Malicious processes
3
Suspicious processes
2

Behavior graph

Click at the process to see the details
start primocache.setup.3.0.2.exe primocache.setup.3.0.2.tmp no specs primocache.setup.3.0.2.exe primocache.setup.3.0.2.tmp sc.exe no specs conhost.exe no specs fcsetup.exe conhost.exe no specs plugscheduler.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
1292"C:\Program Files\PrimoCache\fcsetup.exe" -i "C:\Program Files\PrimoCache\drv\rxfcv.inf" 1C:\Program Files\PrimoCache\fcsetup.exe
PrimoCache.Setup.3.0.2.tmp
User:
admin
Company:
Romex Software
Integrity Level:
HIGH
Description:
fcsetup
Exit code:
0
Version:
1.1.0.1 built by: WinDDK
Modules
Images
c:\program files\primocache\fcsetup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
2096"sc" delete PrimoCacheSvcC:\Windows\System32\sc.exePrimoCache.Setup.3.0.2.tmp
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Service Control Manager Configuration Tool
Exit code:
1060
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\sc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
c:\windows\system32\bcrypt.dll
2392"C:\Program Files\RUXIM\PLUGscheduler.exe"C:\Program Files\RUXIM\PLUGScheduler.exesvchost.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Windows Update LifeCycle Component Scheduler
Exit code:
0
Version:
10.0.19041.3623 (WinBuild.160101.0800)
Modules
Images
c:\program files\ruxim\plugscheduler.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
5712"C:\Users\admin\Desktop\PrimoCache.Setup.3.0.2.exe" /SPAWNWND=$702FE /NOTIFYWND=$503A8 C:\Users\admin\Desktop\PrimoCache.Setup.3.0.2.exe
PrimoCache.Setup.3.0.2.tmp
User:
admin
Company:
Romex Software
Integrity Level:
HIGH
Description:
PrimoCache Setup
Exit code:
0
Version:
3.0.2
Modules
Images
c:\users\admin\desktop\primocache.setup.3.0.2.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\oleaut32.dll
6140\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exefcsetup.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
6196"C:\Users\admin\AppData\Local\Temp\is-2U7BT.tmp\PrimoCache.Setup.3.0.2.tmp" /SL5="$503A8,5393161,417280,C:\Users\admin\Desktop\PrimoCache.Setup.3.0.2.exe" C:\Users\admin\AppData\Local\Temp\is-2U7BT.tmp\PrimoCache.Setup.3.0.2.tmpPrimoCache.Setup.3.0.2.exe
User:
admin
Integrity Level:
MEDIUM
Description:
Setup/Uninstall
Exit code:
0
Version:
51.1052.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-2u7bt.tmp\primocache.setup.3.0.2.tmp
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\oleaut32.dll
6848\??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1C:\Windows\System32\conhost.exesc.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
6900"C:\Users\admin\Desktop\PrimoCache.Setup.3.0.2.exe" C:\Users\admin\Desktop\PrimoCache.Setup.3.0.2.exe
explorer.exe
User:
admin
Company:
Romex Software
Integrity Level:
MEDIUM
Description:
PrimoCache Setup
Exit code:
0
Version:
3.0.2
Modules
Images
c:\users\admin\desktop\primocache.setup.3.0.2.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\oleaut32.dll
7096"C:\Users\admin\AppData\Local\Temp\is-F628U.tmp\PrimoCache.Setup.3.0.2.tmp" /SL5="$C02B2,5393161,417280,C:\Users\admin\Desktop\PrimoCache.Setup.3.0.2.exe" /SPAWNWND=$702FE /NOTIFYWND=$503A8 C:\Users\admin\AppData\Local\Temp\is-F628U.tmp\PrimoCache.Setup.3.0.2.tmp
PrimoCache.Setup.3.0.2.exe
User:
admin
Integrity Level:
HIGH
Description:
Setup/Uninstall
Exit code:
0
Version:
51.1052.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-f628u.tmp\primocache.setup.3.0.2.tmp
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\oleaut32.dll
Total events
2 408
Read events
2 365
Write events
37
Delete events
6

Modification events

(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Operation:writeName:Owner
Value:
B81B0000329D5F7400FBDA01
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Operation:writeName:SessionHash
Value:
33FD9D5DA913B2D62D02DDBBD154A4FC060281B5C718CE1D2AF0C7E2C323F3D2
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Operation:writeName:Sequence
Value:
1
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Operation:writeName:RegFiles0000
Value:
C:\Program Files\PrimoCache\FancyCcV.exe
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Operation:writeName:RegFilesHash
Value:
AFB5171423A33F8E06AD4F42146996BFE873B43AAE6AB9243B9F9DF66AC661C3
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Romex Software\FancyCcV
Operation:writeName:Version
Value:
50332160
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Romex Software\FancyCcV
Operation:writeName:Edition
Value:
1
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Romex Software\FancyCcV
Operation:writeName:Multilingual
Value:
enu
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\Romex Software\FancyCcV
Operation:writeName:PrefetchPath
Value:
\DosDevices\C:\Program Files\PrimoCache\prefetch\
(PID) Process:(7096) PrimoCache.Setup.3.0.2.tmpKey:HKEY_CURRENT_USER\SOFTWARE\Romex Software\PrimoCache
Operation:writeName:LanguageId
Value:
1033
Executable files
17
Suspicious files
11
Text files
0
Unknown types
27

Dropped files

PID
Process
Filename
Type
6900PrimoCache.Setup.3.0.2.exeC:\Users\admin\AppData\Local\Temp\is-2U7BT.tmp\PrimoCache.Setup.3.0.2.tmpexecutable
MD5:6A76AFFC78BD582F7EEF9443A8F9FA45
SHA256:371275BD5678C23414234164D585B0547DC8A0E44FB387D86EF390B66BD44AFB
5712PrimoCache.Setup.3.0.2.exeC:\Users\admin\AppData\Local\Temp\is-F628U.tmp\PrimoCache.Setup.3.0.2.tmpexecutable
MD5:6A76AFFC78BD582F7EEF9443A8F9FA45
SHA256:371275BD5678C23414234164D585B0547DC8A0E44FB387D86EF390B66BD44AFB
7096PrimoCache.Setup.3.0.2.tmpC:\Program Files\PrimoCache\is-LMDOG.tmpexecutable
MD5:4141C44A090D1A650461B310F46E9971
SHA256:2B9005F8A4002009893411F914FB3C9EE95317529D7E93015EAEC8CF1AAA44FB
7096PrimoCache.Setup.3.0.2.tmpC:\Program Files\PrimoCache\drv\rxfcv.sysexecutable
MD5:8B5D6BD9BAC6631F91508E0E5B76C679
SHA256:2DAEB63FC4825349ACAD8DB9E8EBF6F76DE9E9F3901A5EC9C5965D4C40839CD3
7096PrimoCache.Setup.3.0.2.tmpC:\Program Files\PrimoCache\fcsetup.exeexecutable
MD5:4141C44A090D1A650461B310F46E9971
SHA256:2B9005F8A4002009893411F914FB3C9EE95317529D7E93015EAEC8CF1AAA44FB
7096PrimoCache.Setup.3.0.2.tmpC:\Program Files\PrimoCache\drv\rxfcv.catcat
MD5:E95271D11C503DB29F0B2835A83439EA
SHA256:0FFF2141BC07795980A3DC90E0C424BCE2EDF1C25B990D4831A3F91E8F7492BB
7096PrimoCache.Setup.3.0.2.tmpC:\Program Files\PrimoCache\drv\is-LCJ4L.tmpbinary
MD5:0F618E0B61E530FFF92F343490EAA5DC
SHA256:5271D1BA8FAC2A0F865310F8894426D86A9C772FA3E0EAD7C3B987F0999A042C
7096PrimoCache.Setup.3.0.2.tmpC:\Program Files\PrimoCache\drv\is-37A4P.tmpcat
MD5:E95271D11C503DB29F0B2835A83439EA
SHA256:0FFF2141BC07795980A3DC90E0C424BCE2EDF1C25B990D4831A3F91E8F7492BB
7096PrimoCache.Setup.3.0.2.tmpC:\Program Files\PrimoCache\drv\is-AMGMG.tmpexecutable
MD5:8B5D6BD9BAC6631F91508E0E5B76C679
SHA256:2DAEB63FC4825349ACAD8DB9E8EBF6F76DE9E9F3901A5EC9C5965D4C40839CD3
7096PrimoCache.Setup.3.0.2.tmpC:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimoCache\PrimoCache.lnkbinary
MD5:6AE88027559582E36282A74D7952D635
SHA256:85CBACC532E93B3A13C83813A10C53C80A86F58FF8FB81E9463281F177651EDB
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
42
TCP/UDP connections
27
DNS requests
9
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
404
104.126.37.178:443
https://r.bing.com/rb/4N/jnc,nj/Btu7tBP0vQIHDIMxag4vCxAtQuY.js?bu=FrYs9ir8AYcriyuNK48rtCu9LIMs_BGfLKUswSz8AfwBpSjmK_oR8RH6K-sr&or=w
unknown
GET
200
104.126.37.123:443
https://www.bing.com/fd/ls/l?IG=16800713CD244755B15D5E88DF9D3BC0&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.ClientInst%22,%22FID%22:%22CI%22,%22Name%22:%22max%20errors%20reached%22}]
unknown
GET
104.126.37.128:443
https://r.bing.com/rb/16/jnc,nj/4bnLx4S3ZRMpYV30k3R5vRy8JVg.js?bu=DygxeIQBiQGMAYEBe37EAccBMbcBMcoB&or=w
unknown
GET
200
104.126.37.131:443
https://www.bing.com/manifest/threshold.appcache
unknown
text
3.36 Kb
POST
204
104.126.37.139:443
https://www.bing.com/threshold/xls.aspx
unknown
POST
204
104.126.37.130:443
https://www.bing.com/threshold/xls.aspx
unknown
POST
204
104.126.37.139:443
https://www.bing.com/fd/ls/lsp.aspx?
unknown
POST
204
104.126.37.136:443
https://www.bing.com/fd/ls/lsp.aspx?
unknown
POST
204
104.126.37.144:443
https://www.bing.com/fd/ls/lsp.aspx?
unknown
GET
200
104.126.37.170:443
https://www.bing.com/rb/18/jnc,nj/6hU_LneafI_NFLeDvM367ebFaKQ.js?bu=DyIrb3t-gQF4cnWyAbUBK6UBK7gB&or=w
unknown
s
21.3 Kb
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
6856
svchost.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:138
whitelisted
6428
RUXIMICS.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
2120
MoUsoCoreWorker.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
2120
MoUsoCoreWorker.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
3888
svchost.exe
239.255.255.250:1900
whitelisted
6856
svchost.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
4324
svchost.exe
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
4
System
192.168.100.255:137
whitelisted
224.0.0.251:5353
unknown

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 40.127.240.158
  • 20.73.194.208
whitelisted
google.com
  • 142.250.181.238
whitelisted
self.events.data.microsoft.com
  • 20.189.173.7
  • 52.168.117.170
whitelisted
officeclient.microsoft.com
  • 52.109.28.46
whitelisted
ecs.office.com
  • 52.113.194.132
whitelisted
r.bing.com
  • 2.23.209.177
  • 2.23.209.166
  • 2.23.209.158
  • 2.23.209.182
  • 2.23.209.160
  • 2.23.209.176
  • 2.23.209.173
  • 2.23.209.175
  • 2.23.209.162
whitelisted
www.bing.com
  • 2.23.209.182
  • 2.23.209.183
  • 2.23.209.132
  • 2.23.209.189
  • 2.23.209.185
  • 2.23.209.176
  • 2.23.209.177
  • 2.23.209.133
  • 2.23.209.135
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
PrimoCache.Setup.3.0.2.exe