File name:

3DP_Chip_v2406.exe

Full analysis: https://app.any.run/tasks/1f4ce177-ccbd-4da9-8daf-1ebfd66f15b6
Verdict: Malicious activity
Analysis date: July 07, 2024, 09:56:13
OS: Windows 10 Professional (build: 19045, 64 bit)
Tags:
themida
antivm
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

3C4B931BB3E99F68B10440ECABDE89B0

SHA1:

BDAB315D31440C13A7111E0F6F27C3F713ABA576

SHA256:

7F242700344EB40264FD711E4991D8CFBB766B3F5E6F6CF22186401455FA3D5A

SSDEEP:

98304:AQLmq8JkqfNSeArie72peNqh/MaG1Fhij6XvupMKFcbSu/9LNuJS0s6KLLogQ4J4:u6rhyVbOoLCS

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Drops the executable file immediately after the start

      • 3DP_Chip_v2406.exe (PID: 3724)

  • SUSPICIOUS

    • Reads the BIOS version

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Reads security settings of Internet Explorer

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Checks Windows Trust Settings

      • 3DP_Chip_v2406.exe (PID: 3724)

    • There is functionality for VM detection (VirtualBox)

      • 3DP_Chip_v2406.exe (PID: 3724)

  • INFO

    • Reads Microsoft Office registry keys

      • 3DP_Chip_v2406.exe (PID: 3724)
      • msedge.exe (PID: 5624)
      • msedge.exe (PID: 2104)

    • Reads the software policy settings

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Themida protector has been detected

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Reads the machine GUID from the registry

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Application launched itself

      • msedge.exe (PID: 5624)
      • msedge.exe (PID: 2104)

    • Manual execution by a user

      • msedge.exe (PID: 2104)

    • Checks supported languages

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Reads the computer name

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Process checks whether UAC notifications are on

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Reads Environment values

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Checks proxy server information

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Creates files or folders in the user directory

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Reads product name

      • 3DP_Chip_v2406.exe (PID: 3724)

    • Reads CPU info

      • 3DP_Chip_v2406.exe (PID: 3724)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable (generic) (52.9)
.exe | Generic Win/DOS Executable (23.5)
.exe | DOS Executable Generic (23.5)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2024:06:29 07:28:28+00:00
ImageFileCharacteristics: Executable, 32-bit
PEType: PE32
LinkerVersion: 14.16
CodeSize: 1896960
InitializedDataSize: 16130560
UninitializedDataSize: -
EntryPoint: 0x1601058
OSVersion: 5.1
ImageVersion: -
SubsystemVersion: 5.1
Subsystem: Windows GUI
FileVersionNumber: 24.6.0.0
ProductVersionNumber: 24.6.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
CompanyName: 3DP
FileDescription: 3DP Chip
FileVersion: 24.6.0.0
InternalName: 3DP_Chip.exe
LegalCopyright: 3DP. All rights reserved.
OriginalFileName: 3DP_Chip.exe
ProductName: 3DP Chip
ProductVersion: 24.6.0.0
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
140
Monitored processes
14
Malicious processes
1
Suspicious processes
0

Behavior graph

Click at the process to see the details
start THREAT 3dp_chip_v2406.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs 3dp_chip_v2406.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
1784"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3968 --field-trial-handle=2156,i,6127015587085904851,11874261852002226967,262144 --variations-seed-version /prefetch:8C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1908"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2616 --field-trial-handle=2156,i,6127015587085904851,11874261852002226967,262144 --variations-seed-version /prefetch:3C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1928"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.59 --initial-client-data=0x260,0x264,0x268,0x25c,0x270,0x7ffd9e4d5fd8,0x7ffd9e4d5fe4,0x7ffd9e4d5ff0C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
2104"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --do-not-de-elevate --single-argument https://dinfo.3dpchip.com/driver_info/service/download_driver_24.php?winver=10.0.1.256.19045&wow64=1&keyword=PCI\VEN_8086%26DEV_2415%26SUBSYS_11001AF4%26REV_01%26CC_040100&apiver=4&lang=1033&link=feedback&type=sc&guid=007AA930-850C-43C3-8A1D-476F32C6DBCC&ms=0&hash=11db2f45e71ee853ac9096ab46d9c791C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
2404"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3648 --field-trial-handle=2156,i,6127015587085904851,11874261852002226967,262144 --variations-seed-version /prefetch:1C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
2520"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3492 --field-trial-handle=2156,i,6127015587085904851,11874261852002226967,262144 --variations-seed-version /prefetch:1C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
3068"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.59 --initial-client-data=0x2fc,0x300,0x304,0x2f8,0x30c,0x7ffd9e4d5fd8,0x7ffd9e4d5fe4,0x7ffd9e4d5ff0C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Microsoft Edge
Exit code:
0
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
3724"C:\Users\admin\Desktop\3DP_Chip_v2406.exe" C:\Users\admin\Desktop\3DP_Chip_v2406.exe
explorer.exe
User:
admin
Company:
3DP
Integrity Level:
HIGH
Description:
3DP Chip
Version:
24.6.0.0
Modules
Images
c:\users\admin\desktop\3dp_chip_v2406.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
3880"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2300 --field-trial-handle=2304,i,17399294829788832125,15627526941709742084,262144 --variations-seed-version /prefetch:2C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
4084"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2236 --field-trial-handle=2156,i,6127015587085904851,11874261852002226967,262144 --variations-seed-version /prefetch:2C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
122.0.2365.59
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\122.0.2365.59\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
Total events
10 680
Read events
10 638
Write events
41
Delete events
1

Modification events

(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:ProxyBypass
Value:
1
(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:IntranetName
Value:
1
(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:UNCAsIntranet
Value:
1
(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:AutoDetect
Value:
0
(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\3DP Chip
Operation:writeName:GUID
Value:
007AA930-850C-43C3-8A1D-476F32C6DBCC
(PID) Process:(3724) 3DP_Chip_v2406.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
Operation:writeName:SlowContextMenuEntries
Value:
6024B221EA3A6910A2DC08002B30309D0A010000BD0E0C47735D584D9CEDE91E22E23282770100000114020000000000C0000000000000468D0000006078A409B011A54DAFA526D86198A780390100009AD298B2EDA6DE11BA8CA68E55D895936E000000
(PID) Process:(5624) msedge.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
Operation:writeName:failed_count
Value:
0
Executable files
0
Suspicious files
23
Text files
24
Unknown types
0

Dropped files

PID
Process
Filename
Type
2104msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\discounts_db\LOG.old~RF1f4a8f.TMP
MD5:
SHA256:
2104msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\commerce_subscription_db\LOG.old~RF1f4a8f.TMP
MD5:
SHA256:
2104msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\parcel_tracking_db\LOG.old~RF1f4a8f.TMP
MD5:
SHA256:
2104msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\discounts_db\LOG.old
MD5:
SHA256:
2104msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\parcel_tracking_db\LOG.old
MD5:
SHA256:
37243DP_Chip_v2406.exeC:\WINDOWS\INF\machine.PNFbinary
MD5:3C09D18CE8063C83B2903AF7FF3A59C0
SHA256:BAB88557E9F96D45F5BF54CA5401297C2325DB23C97D956B7330FBB00A4448C8
5624msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Last Versiontext
MD5:C7E2197BAE099B13BBB3ADEB1433487D
SHA256:3460EEAF45D581DD43A6E4E17AF8102DDAFF5AEAA88B10099527CF85211629E9
2104msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\commerce_subscription_db\LOG.old
MD5:
SHA256:
2104msedge.exeC:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgePushStorageWithConnectTokenAndKey\LOG.old~RF1f4a9e.TMP
MD5:
SHA256:
37243DP_Chip_v2406.exeC:\WINDOWS\INF\display.PNFbinary
MD5:EE5840543C87B3F2F7142F65F1C8BE59
SHA256:F62414EECAD9462BC8662841F862C6DEC6AB3274BF335DDC6BF745597B397D3C
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
25
TCP/UDP connections
32
DNS requests
7
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3828
RUXIMICS.exe
GET
200
2.22.242.90:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
DE
binary
1.01 Kb
unknown
GET
200
66.70.181.7:443
https://dinfo.3dpchip.com/version_chip/version_chip.html?version=240629
CA
text
20 b
unknown
4448
MoUsoCoreWorker.exe
GET
200
2.22.242.90:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
DE
binary
1.01 Kb
unknown
3828
RUXIMICS.exe
GET
200
95.101.149.131:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
NL
binary
973 b
unknown
GET
200
66.70.181.7:443
https://dinfo.3dpchip.com/driver_info/api/get_dp_info_24.php?apiver=4&winver=10.0.1.256.19045&wow64=1&guid=007AA930-850C-43C3-8A1D-476F32C6DBCC&provider=x&keyword[]=PCI\VEN_8086%26DEV_1237%26SUBSYS_11001AF4%26REV_02&keyword[]=PCI\VEN_8086%26DEV_2415%26SUBSYS_11001AF4%26REV_01&keyword[]=PCI\VEN_8086%26DEV_100E%26SUBSYS_11001AF4%26REV_03
CA
binary
196 b
unknown
GET
200
92.123.104.58:443
https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=regedi&setlang=en-US&cc=US&nohs=1&qfm=1&cp=6&cvid=917f2af1fe65416cbd620a4b992edbf0&ig=46856f19730442d7bfc8a588e4a577aa
unknown
binary
3.98 Kb
unknown
GET
200
92.123.104.62:443
https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=regedit&setlang=en-US&cc=US&nohs=1&qfm=1&cp=7&cvid=917f2af1fe65416cbd620a4b992edbf0&ig=0c07db2ed43b472383863f523ee03420
unknown
binary
4.79 Kb
unknown
GET
200
92.123.104.50:443
https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=re&setlang=en-US&cc=US&nohs=1&qfm=1&cp=2&cvid=917f2af1fe65416cbd620a4b992edbf0&ig=886f7dfaf8a943d7ac515843550c84b9
unknown
binary
6.58 Kb
unknown
GET
92.123.104.51:443
https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=reg&setlang=en-US&cc=US&nohs=1&qfm=1&cp=3&cvid=917f2af1fe65416cbd620a4b992edbf0&ig=65838b980f4f409493f636a698a90235
unknown
unknown
GET
200
92.123.104.52:443
https://www.bing.com/AS/API/WindowsCortanaPane/V2/Suggestions?qry=reged&setlang=en-US&cc=US&nohs=1&qfm=1&cp=5&cvid=917f2af1fe65416cbd620a4b992edbf0&ig=d9fc350f72484720963919f484813311
unknown
binary
4.71 Kb
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
1968
svchost.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
3828
RUXIMICS.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
4448
MoUsoCoreWorker.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
4032
svchost.exe
239.255.255.250:1900
whitelisted
3724
3DP_Chip_v2406.exe
66.70.181.7:80
dinfo.3dpchip.com
OVH SAS
CA
unknown
3828
RUXIMICS.exe
2.22.242.90:80
crl.microsoft.com
Akamai International B.V.
DE
unknown
4448
MoUsoCoreWorker.exe
2.22.242.90:80
crl.microsoft.com
Akamai International B.V.
DE
unknown
3724
3DP_Chip_v2406.exe
66.70.181.7:443
dinfo.3dpchip.com
OVH SAS
CA
unknown
3828
RUXIMICS.exe
95.101.149.131:80
www.microsoft.com
Akamai International B.V.
NL
unknown

DNS requests

Domain
IP
Reputation
dinfo.3dpchip.com
  • 66.70.181.7
unknown
crl.microsoft.com
  • 2.22.242.90
  • 2.22.242.121
whitelisted
www.microsoft.com
  • 95.101.149.131
whitelisted
settings-win.data.microsoft.com
  • 40.127.240.158
  • 51.104.136.2
whitelisted
self.events.data.microsoft.com
  • 52.182.143.215
whitelisted
www.bing.com
  • 23.15.178.250
  • 23.15.178.233
  • 23.15.178.249
  • 23.15.178.224
  • 23.15.178.242
  • 23.15.178.251
  • 23.15.178.146
  • 23.15.178.219
  • 23.15.178.248
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
3DP_Chip_v2406.exe