File name:

Butterfly On Desktop_1.0.exe

Full analysis: https://app.any.run/tasks/c79a448f-30b2-420b-88a8-97a5f95ab455
Verdict: Malicious activity
Analysis date: February 20, 2024, 18:22:25
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5:

B0A46BDCEEC5B9BEE139749A207EF7F8

SHA1:

279D59A3DD772D97F47F9516C897B3DD42F742C0

SHA256:

78FE70328471CC2149EF0DF79215F10CB53C4D32DD4193F39C50ABBD9EAB2EEF

SSDEEP:

196608:wjPllBkm9+zoSfSOspbLik8S6sB0UzXFNfj+ugK:wj9Im9+MISOgbLikn6L4X/hH

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Drops the executable file immediately after the start

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Actions looks like stealing of personal data

      • Butterfly On Desktop_1.0.exe (PID: 3660)

  • SUSPICIOUS

    • Process drops legitimate windows executable

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • The process creates files with name similar to system file names

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Reads the Internet Settings

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Executable content was dropped or overwritten

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Reads security settings of Internet Explorer

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • The process drops C-runtime libraries

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Reads the Windows owner or organization settings

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Checks Windows Trust Settings

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Reads settings of System Certificates

      • Butterfly On Desktop_1.0.exe (PID: 3660)
      • saBSI.exe (PID: 696)

    • Adds/modifies Windows certificates

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Searches for installed software

      • Butterfly On Desktop_1.0.exe (PID: 3660)

  • INFO

    • Reads the computer name

      • Butterfly On Desktop_1.0.exe (PID: 3660)
      • saBSI.exe (PID: 696)

    • Checks supported languages

      • Butterfly On Desktop_1.0.exe (PID: 3660)
      • saBSI.exe (PID: 696)

    • Reads the machine GUID from the registry

      • Butterfly On Desktop_1.0.exe (PID: 3660)
      • saBSI.exe (PID: 696)

    • Reads Environment values

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Create files in a temporary directory

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Reads product name

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Reads the software policy settings

      • Butterfly On Desktop_1.0.exe (PID: 3660)
      • saBSI.exe (PID: 696)

    • Creates files or folders in the user directory

      • Butterfly On Desktop_1.0.exe (PID: 3660)

    • Creates files in the program directory

      • saBSI.exe (PID: 696)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win64 Executable (generic) (64.6)
.dll | Win32 Dynamic Link Library (generic) (15.4)
.exe | Win32 Executable (generic) (10.5)
.exe | Generic Win/DOS Executable (4.6)
.exe | DOS Executable Generic (4.6)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2023:03:28 15:40:28+00:00
ImageFileCharacteristics: Executable, No line numbers, No symbols, 32-bit
PEType: PE32
LinkerVersion: 6
CodeSize: 4022784
InitializedDataSize: 2968064
UninitializedDataSize: -
EntryPoint: 0x3d807e
OSVersion: 4
ImageVersion: -
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.1.2.6582
ProductVersionNumber: 1.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Windows NT 32-bit
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
FileVersion: 1.1.2.6582
ProductVersion: 1
Comments: -
CompanyName: Drive Software Company
FileDescription: Software Installation
InternalName: -
LegalCopyright: ITNT SRL
LegalTrademarks: -
OriginalFileName: GenericSetup.exe
ProductName: Butterfly On Desktop
AssemblyVersion: 1.1.2.6582
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
41
Monitored processes
3
Malicious processes
2
Suspicious processes
0

Behavior graph

Click at the process to see the details
start butterfly on desktop_1.0.exe sabsi.exe butterfly on desktop_1.0.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
696"saBSI.exe" /affid 91212 PaidDistribution=true InstallID=c595eb90-076e-4ca6-a6f6-27d6ffb037f0 subID=TETC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\saBSI.exe
Butterfly On Desktop_1.0.exe
User:
admin
Company:
McAfee, LLC
Integrity Level:
HIGH
Description:
McAfee WebAdvisor(bootstrap installer)
Exit code:
0
Version:
4,1,1,663
Modules
Images
c:\users\admin\appdata\local\temp\3354215998cc498efdf76f123473fe62\sabsi.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
3660"C:\Users\admin\AppData\Local\Temp\Butterfly On Desktop_1.0.exe" C:\Users\admin\AppData\Local\Temp\Butterfly On Desktop_1.0.exe
explorer.exe
User:
admin
Company:
Drive Software Company
Integrity Level:
HIGH
Description:
Software Installation
Exit code:
0
Version:
1.1.2.6582
Modules
Images
c:\users\admin\appdata\local\temp\butterfly on desktop_1.0.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
3672"C:\Users\admin\AppData\Local\Temp\Butterfly On Desktop_1.0.exe" C:\Users\admin\AppData\Local\Temp\Butterfly On Desktop_1.0.exeexplorer.exe
User:
admin
Company:
Drive Software Company
Integrity Level:
MEDIUM
Description:
Software Installation
Exit code:
3221226540
Version:
1.1.2.6582
Modules
Images
c:\users\admin\appdata\local\temp\butterfly on desktop_1.0.exe
c:\windows\system32\ntdll.dll
Total events
11 382
Read events
11 278
Write events
95
Delete events
9

Modification events

(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
Operation:writeName:PendingFileRenameOperations
Value:
\??\C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\ServiceHide.dll
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:ProxyBypass
Value:
1
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:IntranetName
Value:
1
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:UNCAsIntranet
Value:
1
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:AutoDetect
Value:
0
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\182\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates
Operation:delete valueName:9F6134C5FA75E4FDDE631B232BE961D6D4B97DB6
Value:
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates\9F6134C5FA75E4FDDE631B232BE961D6D4B97DB6
Operation:writeName:Blob
Value:
0F00000001000000200000009065F32AFC2CFEA7F452D2D6BE94D20C877EFC1C05433D9935696193FDCC05D80300000001000000140000009F6134C5FA75E4FDDE631B232BE961D6D4B97DB6200000000100000047030000308203433082022BA00302010202147327B7C17D5AE708EF73F1F45A79D78B4E99A29F300D06092A864886F70D01010B05003031310B3009060355040613025553310F300D06035504080C06426F73746F6E3111300F060355040A0C084469676943657274301E170D3233303932393130353030335A170D3339303530383130353030335A3031310B3009060355040613025553310F300D06035504080C06426F73746F6E3111300F060355040A0C08446967694365727430820122300D06092A864886F70D01010105000382010F003082010A0282010100D91B7A55548F44F3E97C493153B75B055695736B184640D7335A2E6218083B5A1BEE2695209350E57A3EB76FBC604CB3B250DF3D9D0C560D1FBDFE30108D233A3C555100BE1A3F8E543C0B253E06E91B6D5F9CB3A093009BC8B4D3A0EB19DB59E56DA7E3D637847970D6C2AEB4A1FCF3896A7C080FE68759BAA62E6AAA8B7C7CBDA176DDC72F8D259A16D3469E31F19D2959904611D730D7D26FCFED789A0C49698FDFABF3F6727D08C61A073BB11E85C96486D49B0E0D38364C008A5EB964F8813C5DF004F9E76D2F8DB90702D800032674959BF0DF823785419101CEA928A10ACBAE7E48FE19202F3CB7BCF416476D17CB64C5570FCED443BD75D9F2C632FF0203010001A3533051301D0603551D0E041604145D6CA352CEFC713CBBC5E21F663C3639FD19D4D7301F0603551D230418301680145D6CA352CEFC713CBBC5E21F663C3639FD19D4D7300F0603551D130101FF040530030101FF300D06092A864886F70D01010B05000382010100AF2218E4CA18144728FCC76EA14958061522FD4A018BED1A4BFCC5CCE70BC6AE9DF7D3795C9A010D53628E2B6E7C10D6B07E53546235A5EE480E5A434E312154BF1E39AAC27D2C18D4F41CBBECFE4538CEF93EF62C17D187A7F720F4A9478410D09620C9F8B293B5786A5440BC0743B7B7753CF66FBA498B7E083BC267597238DC031B9BB131F997D9B8164AAED0D6E328420E53E1969DA6CD035078179677A7177BB2BF9C87CF592910CD380E8501B92040A39469C782BA383BEAE498C060FCC7C429BC10B7B6B7A0659C9BE03DC13DB46C638CF5E3B22A303726906DC8DD91C64501EBFC282A3A497EC430CACC066EE4BF9C5C8F2F2A05D0C1921A9E3E85E3
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates\9F6134C5FA75E4FDDE631B232BE961D6D4B97DB6
Operation:writeName:Blob
Value:
1400000001000000140000005D6CA352CEFC713CBBC5E21F663C3639FD19D4D70300000001000000140000009F6134C5FA75E4FDDE631B232BE961D6D4B97DB60F00000001000000200000009065F32AFC2CFEA7F452D2D6BE94D20C877EFC1C05433D9935696193FDCC05D8200000000100000047030000308203433082022BA00302010202147327B7C17D5AE708EF73F1F45A79D78B4E99A29F300D06092A864886F70D01010B05003031310B3009060355040613025553310F300D06035504080C06426F73746F6E3111300F060355040A0C084469676943657274301E170D3233303932393130353030335A170D3339303530383130353030335A3031310B3009060355040613025553310F300D06035504080C06426F73746F6E3111300F060355040A0C08446967694365727430820122300D06092A864886F70D01010105000382010F003082010A0282010100D91B7A55548F44F3E97C493153B75B055695736B184640D7335A2E6218083B5A1BEE2695209350E57A3EB76FBC604CB3B250DF3D9D0C560D1FBDFE30108D233A3C555100BE1A3F8E543C0B253E06E91B6D5F9CB3A093009BC8B4D3A0EB19DB59E56DA7E3D637847970D6C2AEB4A1FCF3896A7C080FE68759BAA62E6AAA8B7C7CBDA176DDC72F8D259A16D3469E31F19D2959904611D730D7D26FCFED789A0C49698FDFABF3F6727D08C61A073BB11E85C96486D49B0E0D38364C008A5EB964F8813C5DF004F9E76D2F8DB90702D800032674959BF0DF823785419101CEA928A10ACBAE7E48FE19202F3CB7BCF416476D17CB64C5570FCED443BD75D9F2C632FF0203010001A3533051301D0603551D0E041604145D6CA352CEFC713CBBC5E21F663C3639FD19D4D7301F0603551D230418301680145D6CA352CEFC713CBBC5E21F663C3639FD19D4D7300F0603551D130101FF040530030101FF300D06092A864886F70D01010B05000382010100AF2218E4CA18144728FCC76EA14958061522FD4A018BED1A4BFCC5CCE70BC6AE9DF7D3795C9A010D53628E2B6E7C10D6B07E53546235A5EE480E5A434E312154BF1E39AAC27D2C18D4F41CBBECFE4538CEF93EF62C17D187A7F720F4A9478410D09620C9F8B293B5786A5440BC0743B7B7753CF66FBA498B7E083BC267597238DC031B9BB131F997D9B8164AAED0D6E328420E53E1969DA6CD035078179677A7177BB2BF9C87CF592910CD380E8501B92040A39469C782BA383BEAE498C060FCC7C429BC10B7B6B7A0659C9BE03DC13DB46C638CF5E3B22A303726906DC8DD91C64501EBFC282A3A497EC430CACC066EE4BF9C5C8F2F2A05D0C1921A9E3E85E3
(PID) Process:(3660) Butterfly On Desktop_1.0.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates\9F6134C5FA75E4FDDE631B232BE961D6D4B97DB6
Operation:writeName:Blob
Value:
190000000100000010000000BCC80DAA2F98A4692805BFF4CBB372EB0F00000001000000200000009065F32AFC2CFEA7F452D2D6BE94D20C877EFC1C05433D9935696193FDCC05D80300000001000000140000009F6134C5FA75E4FDDE631B232BE961D6D4B97DB61400000001000000140000005D6CA352CEFC713CBBC5E21F663C3639FD19D4D7200000000100000047030000308203433082022BA00302010202147327B7C17D5AE708EF73F1F45A79D78B4E99A29F300D06092A864886F70D01010B05003031310B3009060355040613025553310F300D06035504080C06426F73746F6E3111300F060355040A0C084469676943657274301E170D3233303932393130353030335A170D3339303530383130353030335A3031310B3009060355040613025553310F300D06035504080C06426F73746F6E3111300F060355040A0C08446967694365727430820122300D06092A864886F70D01010105000382010F003082010A0282010100D91B7A55548F44F3E97C493153B75B055695736B184640D7335A2E6218083B5A1BEE2695209350E57A3EB76FBC604CB3B250DF3D9D0C560D1FBDFE30108D233A3C555100BE1A3F8E543C0B253E06E91B6D5F9CB3A093009BC8B4D3A0EB19DB59E56DA7E3D637847970D6C2AEB4A1FCF3896A7C080FE68759BAA62E6AAA8B7C7CBDA176DDC72F8D259A16D3469E31F19D2959904611D730D7D26FCFED789A0C49698FDFABF3F6727D08C61A073BB11E85C96486D49B0E0D38364C008A5EB964F8813C5DF004F9E76D2F8DB90702D800032674959BF0DF823785419101CEA928A10ACBAE7E48FE19202F3CB7BCF416476D17CB64C5570FCED443BD75D9F2C632FF0203010001A3533051301D0603551D0E041604145D6CA352CEFC713CBBC5E21F663C3639FD19D4D7301F0603551D230418301680145D6CA352CEFC713CBBC5E21F663C3639FD19D4D7300F0603551D130101FF040530030101FF300D06092A864886F70D01010B05000382010100AF2218E4CA18144728FCC76EA14958061522FD4A018BED1A4BFCC5CCE70BC6AE9DF7D3795C9A010D53628E2B6E7C10D6B07E53546235A5EE480E5A434E312154BF1E39AAC27D2C18D4F41CBBECFE4538CEF93EF62C17D187A7F720F4A9478410D09620C9F8B293B5786A5440BC0743B7B7753CF66FBA498B7E083BC267597238DC031B9BB131F997D9B8164AAED0D6E328420E53E1969DA6CD035078179677A7177BB2BF9C87CF592910CD380E8501B92040A39469C782BA383BEAE498C060FCC7C429BC10B7B6B7A0659C9BE03DC13DB46C638CF5E3B22A303726906DC8DD91C64501EBFC282A3A497EC430CACC066EE4BF9C5C8F2F2A05D0C1921A9E3E85E3
Executable files
19
Suspicious files
0
Text files
17
Unknown types
0

Dropped files

PID
Process
Filename
Type
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\MyDownloader.Core.dllexecutable
MD5:F931E960CC4ED0D2F392376525FF44DB
SHA256:1C1C5330EA35F518BF85FAD69DC2DA1A98A4DFEADBF6AC0BA0AC7CC51BBCC870
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\vcruntime140.dllexecutable
MD5:1A84957B6E681FCA057160CD04E26B27
SHA256:9FAEAA45E8CC986AF56F28350B38238B03C01C355E9564B849604B8D690919C5
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\ServiceHide.Net.dllexecutable
MD5:FC3BE382CC3A7B4FAFEE4FDD465CAB2E
SHA256:42C2156B7EEE3BF8BEE8D0C1D3D3F138E059DDDA342CF8EE0D723130FB865304
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OViewModels.dllexecutable
MD5:0EF343471A5777B6F90D9AE85164449E
SHA256:295B970CD45CA0D9577D5CE875DE5CF92367FCB6C7794E525B00090FA1AD62D6
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OServices.dllexecutable
MD5:046EDD0EE8296E611920786C4F25CD7A
SHA256:EED0EABB8ECBF5D30ABC0ED992F2EC2F28FA2E7D5588A090D357AF424A4DDD84
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\OfferSDK.dllexecutable
MD5:1105B8B33B0F019651566B87959512E2
SHA256:9A059883BEE5177723B1A971172010A349DB64C1DD60FCB3BBF190FE0E78BB07
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\SciterWrapper.dllexecutable
MD5:6CBC4475B6AF8A6F68ED8696DF09FF2D
SHA256:51E42FF1D66F3042E512BE1DD60AC1C7B1A2A5307ACD191DFFCF24EF106C8970
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\msvcp140.dllexecutable
MD5:8FF1898897F3F4391803C7253366A87B
SHA256:51398691FEEF7AE0A876B523AEC47C4A06D9A1EE62F1A0AEE27DE6D6191C68AD
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Adaware\Butterfly_On_Desktop_1.0._Url_gu4hyhdhsb1at2hgdj5oe4fh1bsyurg4\1.1.2.6582\user.configxml
MD5:C76D70D8440A273C2B2A2764F33323B8
SHA256:8F6658DFB498D9BC831670DFFD055D850D327A2DEFD82E1F24416316B037135D
3660Butterfly On Desktop_1.0.exeC:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OModels.dllexecutable
MD5:E57646A871A04782FD546583A01D62B4
SHA256:F5138FE637E5B1B735FB2E54607147CEB973CC537AD07690EF1BCA27AC6DA4B5
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
33
DNS requests
14
Threats
11

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
4
System
192.168.100.255:137
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown
3660
Butterfly On Desktop_1.0.exe
104.18.67.73:443
h2oapi.adaware.com
CLOUDFLARENET
unknown
3660
Butterfly On Desktop_1.0.exe
104.17.8.52:443
flow.lavasoft.com
CLOUDFLARENET
shared
3660
Butterfly On Desktop_1.0.exe
104.18.68.73:443
h2oapi.adaware.com
CLOUDFLARENET
unknown
3660
Butterfly On Desktop_1.0.exe
18.245.60.39:443
dl.vidconvert.io
US
unknown
3660
Butterfly On Desktop_1.0.exe
88.221.125.82:443
package.avira.com
AKAMAI-AS
DE
unknown
3660
Butterfly On Desktop_1.0.exe
104.21.31.55:443
cdn.supernovaprizes.com
CLOUDFLARENET
unknown
3660
Butterfly On Desktop_1.0.exe
18.239.50.45:443
anypdf.com
US
unknown

DNS requests

Domain
IP
Reputation
h2oapi.adaware.com
  • 104.18.67.73
  • 104.18.68.73
unknown
www.google.com
  • 142.250.184.228
whitelisted
flow.lavasoft.com
  • 104.17.8.52
  • 104.17.9.52
whitelisted
sos.adaware.com
  • 104.18.68.73
  • 104.18.67.73
whitelisted
dl.vidconvert.io
  • 18.245.60.39
  • 18.245.60.127
  • 18.245.60.52
  • 18.245.60.117
unknown
sdl.adaware.com
  • 104.18.67.73
  • 104.18.68.73
whitelisted
package.avira.com
  • 88.221.125.82
unknown
cdn.supernovaprizes.com
  • 104.21.31.55
  • 172.67.175.2
unknown
anypdf.com
  • 18.239.50.45
  • 18.239.50.61
  • 18.239.50.4
  • 18.239.50.122
  • 18.245.86.61
  • 18.245.86.41
  • 18.245.86.11
  • 18.245.86.56
unknown
download.enigmasoftware.com
  • 18.245.86.53
  • 18.245.86.28
  • 18.245.86.74
  • 18.245.86.104
shared

Threats

Found threats are available for the paid subscriptions
11 ETPRO signatures available at the full report
Process
Message
Butterfly On Desktop_1.0.exe
Butterfly On Desktop_1.0.exe
Butterfly On Desktop_1.0.exe
file:resources/tis/TranslateOfferTemplate.tis(82) : warning :'async' does not contain any 'await'
Butterfly On Desktop_1.0.exe
Error: File not found - sciterwrapper:console.tis
Butterfly On Desktop_1.0.exe
at sciter:init-script.tis
Butterfly On Desktop_1.0.exe
Error: File not found - sciterwrapper:console.tis
Butterfly On Desktop_1.0.exe
at sciter:init-script.tis
Butterfly On Desktop_1.0.exe
Butterfly On Desktop_1.0.exe
Butterfly On Desktop_1.0.exe
file:resources/tis/TranslateOfferTemplate.tis(82) : warning :'async' does not contain any 'await'
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
Butterfly On Desktop_1.0.exe