| File name: | 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin |
| Full analysis: | https://app.any.run/tasks/5250f9f7-3bfd-4e86-969d-5272a5038839 |
| Verdict: | Malicious activity |
| Threats: | Stealers are a group of malicious software that are intended for gaining unauthorized access to users’ information and transferring it to the attacker. The stealer malware category includes various types of programs that focus on their particular kind of data, including files, passwords, and cryptocurrency. Stealers are capable of spying on their targets by recording their keystrokes and taking screenshots. This type of malware is primarily distributed as part of phishing campaigns. |
| Analysis date: | May 28, 2025, 20:12:15 |
| OS: | Windows 11 Professional (build: 22000, 64 bit) |
| Tags: | |
| Indicators: | |
| MIME: | application/vnd.microsoft.portable-executable |
| File info: | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| MD5: | 9C1BDF30DFF02E6E184E95641D31E364 |
| SHA1: | 5ACCE2F9749C8473E24B3A25A48B06BFE680A366 |
| SHA256: | 941E3FDC3BCF2AE722034519E5C06140202B8636C6E1836D357D81FC1F53A4A9 |
| SSDEEP: | 98304:OYEqiDZtofGXrGdWpRrhFzk0GGExrD3bHh4AOg/vcxDFhBk5fl+FO2lJoFyTnKvp:grSe5vCshn6EQ6r5fH+ |
MALICIOUS
Steals credentials from Web Browsers
- setup.exe (PID: 3780)
- setup.exe (PID: 3624)
- setup.exe (PID: 1296)
- setup.exe (PID: 708)
- assistant_installer.exe (PID: 2720)
- assistant_installer.exe (PID: 3616)
- installer.exe (PID: 4384)
- installer.exe (PID: 2896)
- assistant_installer.exe (PID: 5428)
- assistant_installer.exe (PID: 604)
- assistant_installer.exe (PID: 5748)
- assistant_installer.exe (PID: 3040)
- opera.exe (PID: 4296)
- opera_crashreporter.exe (PID: 1480)
- opera_crashreporter.exe (PID: 3360)
- opera.exe (PID: 3392)
- opera_crashreporter.exe (PID: 5132)
- opera.exe (PID: 2384)
- opera_crashreporter.exe (PID: 4132)
- opera.exe (PID: 4572)
- opera_crashreporter.exe (PID: 5468)
- opera.exe (PID: 1992)
- browser_assistant.exe (PID: 3156)
- browser_assistant.exe (PID: 5248)
- opera_crashreporter.exe (PID: 4564)
- opera.exe (PID: 5116)
- opera.exe (PID: 3040)
- opera_crashreporter.exe (PID: 1800)
Actions looks like stealing of personal data
- setup.exe (PID: 3780)
- opera_crashreporter.exe (PID: 1480)
- opera_crashreporter.exe (PID: 3360)
- opera.exe (PID: 3392)
- opera_crashreporter.exe (PID: 5132)
- opera_crashreporter.exe (PID: 5468)
- browser_assistant.exe (PID: 5248)
- opera_crashreporter.exe (PID: 4132)
- opera_crashreporter.exe (PID: 4564)
- browser_assistant.exe (PID: 3156)
- opera.exe (PID: 3040)
Changes the autorun value in the registry
- assistant_installer.exe (PID: 5428)
SUSPICIOUS
Reads security settings of Internet Explorer
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- setup.exe (PID: 3780)
- installer.exe (PID: 4384)
- browser_assistant.exe (PID: 3156)
Reads the Internet Settings
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- setup.exe (PID: 3780)
- opera.exe (PID: 3392)
- browser_assistant.exe (PID: 3156)
- opera.exe (PID: 3040)
Checks for external IP
- svchost.exe (PID: 1664)
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
Reads settings of System Certificates
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- setup.exe (PID: 3780)
- installer.exe (PID: 4384)
- browser_assistant.exe (PID: 3156)
Executable content was dropped or overwritten
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- OperaSetup.exe (PID: 2460)
- setup.exe (PID: 3624)
- setup.exe (PID: 3780)
- setup.exe (PID: 1296)
- setup.exe (PID: 708)
- Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 2740)
- setup.exe (PID: 3048)
- installer.exe (PID: 2896)
- installer.exe (PID: 4384)
- assistant_installer.exe (PID: 5428)
- installer.exe (PID: 4180)
- installer.exe (PID: 624)
- installer.exe (PID: 4288)
- opera.exe (PID: 6472)
- opera_autoupdate.exe (PID: 7056)
Application launched itself
- setup.exe (PID: 3780)
- setup.exe (PID: 1296)
- assistant_installer.exe (PID: 3616)
- installer.exe (PID: 4384)
- assistant_installer.exe (PID: 5428)
- assistant_installer.exe (PID: 5748)
- browser_assistant.exe (PID: 3156)
- opera.exe (PID: 3392)
- opera.exe (PID: 3040)
- installer.exe (PID: 4180)
- opera_autoupdate.exe (PID: 3624)
- opera_autoupdate.exe (PID: 6136)
- opera_autoupdate.exe (PID: 7056)
Starts itself from another location
- setup.exe (PID: 3780)
Process drops legitimate windows executable
- Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 2740)
- assistant_installer.exe (PID: 5428)
Creates a software uninstall entry
- installer.exe (PID: 4384)
Searches for installed software
- installer.exe (PID: 4384)
- browser_assistant.exe (PID: 3156)
Reads the date of Windows installation
- installer.exe (PID: 4384)
Changes Internet Explorer settings (feature browser emulation)
- assistant_installer.exe (PID: 5428)
The process executes via Task Scheduler
- opera_autoupdate.exe (PID: 7056)
INFO
Checks supported languages
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- OperaSetup.exe (PID: 2460)
- setup.exe (PID: 3624)
- setup.exe (PID: 3780)
- setup.exe (PID: 3048)
- setup.exe (PID: 708)
- setup.exe (PID: 1296)
- Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 2740)
- assistant_installer.exe (PID: 3616)
- assistant_installer.exe (PID: 2720)
- installer.exe (PID: 4384)
- installer.exe (PID: 2896)
- assistant_installer.exe (PID: 604)
- assistant_installer.exe (PID: 5428)
- opera.exe (PID: 4296)
- assistant_installer.exe (PID: 3040)
- assistant_installer.exe (PID: 5748)
- browser_assistant.exe (PID: 3156)
- opera.exe (PID: 3392)
- opera_crashreporter.exe (PID: 1480)
- opera_crashreporter.exe (PID: 3360)
- opera.exe (PID: 2384)
- browser_assistant.exe (PID: 5248)
- opera_crashreporter.exe (PID: 5132)
- opera.exe (PID: 5368)
- opera.exe (PID: 1072)
- opera_crashreporter.exe (PID: 4132)
- opera.exe (PID: 1992)
- opera.exe (PID: 5116)
- opera.exe (PID: 4572)
- opera_crashreporter.exe (PID: 5468)
- opera_crashreporter.exe (PID: 1800)
- opera.exe (PID: 3040)
- opera.exe (PID: 1076)
- opera_crashreporter.exe (PID: 4564)
- opera.exe (PID: 1600)
- opera.exe (PID: 988)
- opera.exe (PID: 5180)
- opera.exe (PID: 3324)
- opera.exe (PID: 4180)
- opera.exe (PID: 4368)
- opera.exe (PID: 2836)
- opera.exe (PID: 5212)
- opera.exe (PID: 1840)
- opera.exe (PID: 3616)
- opera_gx_splash.exe (PID: 6432)
- opera.exe (PID: 4184)
- opera.exe (PID: 2560)
Reads the computer name
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- setup.exe (PID: 3780)
- setup.exe (PID: 1296)
- installer.exe (PID: 4384)
- assistant_installer.exe (PID: 3616)
- assistant_installer.exe (PID: 5428)
- assistant_installer.exe (PID: 5748)
- opera.exe (PID: 3392)
- opera.exe (PID: 4296)
- browser_assistant.exe (PID: 3156)
- opera.exe (PID: 2384)
- opera.exe (PID: 1072)
- opera.exe (PID: 4572)
- opera.exe (PID: 1992)
- opera.exe (PID: 5368)
- opera.exe (PID: 3040)
- opera.exe (PID: 5116)
- opera.exe (PID: 1600)
- opera.exe (PID: 5180)
- opera_gx_splash.exe (PID: 6432)
Reads the machine GUID from the registry
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- setup.exe (PID: 3780)
- installer.exe (PID: 4384)
- opera.exe (PID: 3392)
- opera.exe (PID: 3040)
- browser_assistant.exe (PID: 3156)
Creates files in the program directory
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
Disables trace logs
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
Checks proxy server information
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- setup.exe (PID: 3780)
- opera.exe (PID: 3392)
- opera.exe (PID: 3040)
- browser_assistant.exe (PID: 3156)
Create files in a temporary directory
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- OperaSetup.exe (PID: 2460)
- setup.exe (PID: 3780)
- setup.exe (PID: 3624)
- setup.exe (PID: 3048)
- setup.exe (PID: 708)
- setup.exe (PID: 1296)
- installer.exe (PID: 2896)
- Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 2740)
- installer.exe (PID: 4384)
- opera.exe (PID: 3392)
- opera.exe (PID: 3040)
Reads the software policy settings
- 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe (PID: 2036)
- setup.exe (PID: 3780)
- installer.exe (PID: 4384)
- browser_assistant.exe (PID: 3156)
The sample compiled with english language support
- OperaSetup.exe (PID: 2460)
- setup.exe (PID: 3624)
- setup.exe (PID: 3780)
- setup.exe (PID: 3048)
- setup.exe (PID: 1296)
- setup.exe (PID: 708)
- Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 2740)
- installer.exe (PID: 2896)
- installer.exe (PID: 4384)
- assistant_installer.exe (PID: 5428)
- installer.exe (PID: 4180)
- installer.exe (PID: 624)
- installer.exe (PID: 4288)
- opera.exe (PID: 6472)
- opera_autoupdate.exe (PID: 7056)
Creates files or folders in the user directory
- setup.exe (PID: 3624)
- setup.exe (PID: 3780)
- setup.exe (PID: 1296)
- installer.exe (PID: 4384)
- assistant_installer.exe (PID: 5428)
- opera.exe (PID: 3392)
- browser_assistant.exe (PID: 3156)
- opera.exe (PID: 3040)
Launch of the file from Registry key
- assistant_installer.exe (PID: 5428)
Manual execution by a user
- assistant_installer.exe (PID: 5748)
OPERA mutex has been found
- opera.exe (PID: 3392)
- opera.exe (PID: 3040)
- browser_assistant.exe (PID: 3156)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .exe | | | Win64 Executable (generic) (64.6) |
|---|---|---|
| .dll | | | Win32 Dynamic Link Library (generic) (15.4) |
| .exe | | | Win32 Executable (generic) (10.5) |
| .exe | | | Generic Win/DOS Executable (4.6) |
| .exe | | | DOS Executable Generic (4.6) |
EXIF
EXE
| MachineType: | Intel 386 or later, and compatibles |
|---|---|
| TimeStamp: | 2038:06:13 17:31:41+00:00 |
| ImageFileCharacteristics: | Executable, Large address aware, 32-bit |
| PEType: | PE32 |
| LinkerVersion: | 48 |
| CodeSize: | 9268736 |
| InitializedDataSize: | 18944 |
| UninitializedDataSize: | - |
| EntryPoint: | 0x8d8dce |
| OSVersion: | 4 |
| ImageVersion: | - |
| SubsystemVersion: | 6 |
| Subsystem: | Windows GUI |
| FileVersionNumber: | 1.0.0.0 |
| ProductVersionNumber: | 1.0.0.0 |
| FileFlagsMask: | 0x003f |
| FileFlags: | (none) |
| FileOS: | Win32 |
| ObjectFileType: | Executable application |
| FileSubtype: | - |
| LanguageCode: | Neutral |
| CharacterSet: | Unicode |
| Comments: | - |
| CompanyName: | - |
| FileDescription: | DiscordInstall |
| FileVersion: | 1.0.0.0 |
| InternalName: | DiscordInstall.exe |
| LegalCopyright: | Copyright © 2025 |
| LegalTrademarks: | - |
| OriginalFileName: | DiscordInstall.exe |
| ProductName: | DiscordInstall |
| ProductVersion: | 1.0.0.0 |
| AssemblyVersion: | 1.0.0.0 |
Total processes
213
Monitored processes
108
Malicious processes
23
Suspicious processes
8
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 604 | "C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202505282012361\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=118.0.5461.41 --initial-client-data=0x250,0x254,0x258,0x22c,0x25c,0xd6103c,0xd61048,0xd61054 | C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202505282012361\assistant\assistant_installer.exe | assistant_installer.exe | ||||||||||||
User: admin Company: Opera Software Integrity Level: MEDIUM Description: Opera Browser Assistant Installer Exit code: 0 Version: 118.0.5461.41 Modules
| |||||||||||||||
| 624 | C:\Users\admin\AppData\Local\Programs\Opera\119.0.5497.56\installer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=119.0.5497.56 --initial-client-data=0x280,0x2b0,0x2b4,0x284,0x2b8,0x7ffc730d8dc8,0x7ffc730d8dd4,0x7ffc730d8de0 | C:\Users\admin\AppData\Local\Programs\Opera\119.0.5497.56\installer.exe | installer.exe | ||||||||||||
User: admin Company: Opera Software Integrity Level: MEDIUM Description: Opera Installer Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
| 708 | C:\Users\admin\AppData\Local\Temp\7zSC9946B56\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=119.0.5497.56 --initial-client-data=0x2bc,0x2c0,0x2c4,0x28c,0x2c8,0x7ffc72568dc8,0x7ffc72568dd4,0x7ffc72568de0 | C:\Users\admin\AppData\Local\Temp\7zSC9946B56\setup.exe | setup.exe | ||||||||||||
User: admin Company: Opera Software Integrity Level: MEDIUM Description: Opera Installer Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
| 988 | "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --no-pre-read-main-dll --with-feature:address-bar-dropdown-autocompleted-domains=on --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:ai-tab-management=on --with-feature:ai-writing-mode-in-context-menu=on --with-feature:amp-requests-stats=on --with-feature:aria-in-tab-view=on --with-feature:bluesky-in-sidebar=on --with-feature:cashback-assistant=off --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-amazon-us-associates=off --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:disable-adblockers-on-search-ads=on --with-feature:discord-in-sidebar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:keywords-from-backend=off --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:proxy-switcher-ui-default-visible=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:slack-in-sidebar=on --with-feature:specific-keywords=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:translator=on --with-feature:installer-experiment-test=off --field-trial-handle=1932,i,4084217697097325485,17023773557669054644,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu,UpdatableKeyPins --variations-seed-version --mojo-platform-channel-handle=3212 /prefetch:14 | C:\Users\admin\AppData\Local\Programs\Opera\opera.exe | — | opera.exe | |||||||||||
User: admin Company: Opera Software Integrity Level: LOW Description: Opera Internet Browser Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
| 1072 | "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --type=gpu-process --no-pre-read-main-dll --start-stack-profiler --with-feature:address-bar-dropdown-autocompleted-domains=on --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:ai-tab-management=on --with-feature:ai-writing-mode-in-context-menu=on --with-feature:amp-requests-stats=on --with-feature:aria-in-tab-view=on --with-feature:bluesky-in-sidebar=on --with-feature:cashback-assistant=off --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-amazon-us-associates=off --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:disable-adblockers-on-search-ads=on --with-feature:discord-in-sidebar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:keywords-from-backend=off --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:proxy-switcher-ui-default-visible=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:slack-in-sidebar=on --with-feature:specific-keywords=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:translator=on --with-feature:installer-experiment-test=off --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1840,i,1879055277526801256,10953287980436272795,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu,UpdatableKeyPins --variations-seed-version --mojo-platform-channel-handle=1836 /prefetch:2 | C:\Users\admin\AppData\Local\Programs\Opera\opera.exe | — | opera.exe | |||||||||||
User: admin Company: Opera Software Integrity Level: LOW Description: Opera Internet Browser Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
| 1076 | "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --enable-quic --no-pre-read-main-dll --with-feature:address-bar-dropdown-autocompleted-domains=on --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:ai-tab-management=on --with-feature:ai-writing-mode-in-context-menu=on --with-feature:amp-requests-stats=on --with-feature:aria-in-tab-view=on --with-feature:bluesky-in-sidebar=on --with-feature:cashback-assistant=off --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-amazon-us-associates=off --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:disable-adblockers-on-search-ads=on --with-feature:discord-in-sidebar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:keywords-from-backend=off --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:proxy-switcher-ui-default-visible=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:slack-in-sidebar=on --with-feature:specific-keywords=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:translator=on --with-feature:installer-experiment-test=off --field-trial-handle=1840,i,1879055277526801256,10953287980436272795,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu,UpdatableKeyPins --variations-seed-version --mojo-platform-channel-handle=2376 /prefetch:13 | C:\Users\admin\AppData\Local\Programs\Opera\opera.exe | — | opera.exe | |||||||||||
User: admin Company: Opera Software Integrity Level: LOW Description: Opera Internet Browser Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
| 1220 | "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --no-pre-read-main-dll --with-feature:address-bar-dropdown-autocompleted-domains=on --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:ai-tab-management=on --with-feature:ai-writing-mode-in-context-menu=on --with-feature:amp-requests-stats=on --with-feature:aria-in-tab-view=on --with-feature:bluesky-in-sidebar=on --with-feature:cashback-assistant=off --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-amazon-us-associates=off --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:disable-adblockers-on-search-ads=on --with-feature:discord-in-sidebar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:keywords-from-backend=off --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:proxy-switcher-ui-default-visible=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:slack-in-sidebar=on --with-feature:specific-keywords=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:translator=on --with-feature:installer-experiment-test=off --field-trial-handle=1932,i,4084217697097325485,17023773557669054644,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu,UpdatableKeyPins --variations-seed-version --mojo-platform-channel-handle=3908 /prefetch:14 | C:\Users\admin\AppData\Local\Programs\Opera\opera.exe | — | opera.exe | |||||||||||
User: admin Company: Opera Software Integrity Level: LOW Description: Opera Internet Browser Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
| 1296 | "C:\Users\admin\AppData\Local\Temp\7zSC9946B56\setup.exe" --backend --install --import-browser-data=0 --enable-crash-reporting=1 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --showunbox=0 --installfolder="C:\Users\admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --pintotaskbar=1 --pintostartmenu=0 --run-at-startup=0 --show-intro-overlay --server-tracking-data=server_tracking_data --initial-pid=3780 --package-dir-prefix="C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20250528201236" --session-guid=0a056b75-7151-47dd-a046-56379f7a87a9 --server-tracking-blob=MWI3NzZlMzc4MmQ1N2U3YTg5N2IwNTMyZmYxYWQ0MDhlYzBlMTU1OTZhNWZhZDE2NTlkMzBjZjIyMDA1NmFlZjp7ImNvdW50cnkiOiJGUiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijp7Im5hbWUiOiJvcGVyYSJ9LCJxdWVyeSI6Ii9vcGVyYS9zdGFibGU/dXRtX21lZGl1bT1hcGImdXRtX3NvdXJjZT1PRlQmdXRtX2NhbXBhaWduPTM5ODExIiwic3lzdGVtIjp7InBsYXRmb3JtIjp7ImFyY2giOiJ4ODZfNjQiLCJvcHN5cyI6IldpbmRvd3MiLCJvcHN5cy12ZXJzaW9uIjoiMTEiLCJwYWNrYWdlIjoiRVhFIn19LCJ0aW1lc3RhbXAiOiIxNzQ4NDYzMTU0LjAyNDMiLCJ1dG0iOnsiY2FtcGFpZ24iOiIzOTgxMSIsIm1lZGl1bSI6ImFwYiIsInNvdXJjZSI6Ik9GVCJ9LCJ1dWlkIjoiNDMxODJhZGItZjcxZS00NmVkLWJmYzItZTlhMjlmNTE4MjA5In0= --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=8C05000000000000 | C:\Users\admin\AppData\Local\Temp\7zSC9946B56\setup.exe | setup.exe | ||||||||||||
User: admin Company: Opera Software Integrity Level: MEDIUM Description: Opera Installer Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
| 1296 | "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --no-pre-read-main-dll --with-feature:address-bar-dropdown-autocompleted-domains=on --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-keywords-monetization=on --with-feature:ai-tab-management=on --with-feature:ai-writing-mode-in-context-menu=on --with-feature:amp-requests-stats=on --with-feature:aria-in-tab-view=on --with-feature:bluesky-in-sidebar=on --with-feature:cashback-assistant=off --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-amazon-us-associates=off --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:disable-adblockers-on-search-ads=on --with-feature:discord-in-sidebar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:keywords-from-backend=off --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:proxy-switcher-ui-default-visible=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:sitecheck-age=on --with-feature:slack-in-sidebar=on --with-feature:specific-keywords=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner=on --with-feature:translator=on --with-feature:installer-experiment-test=off --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=1932,i,4084217697097325485,17023773557669054644,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu,UpdatableKeyPins --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:9 | C:\Users\admin\AppData\Local\Programs\Opera\opera.exe | — | opera.exe | |||||||||||
User: admin Company: Opera Software Integrity Level: LOW Description: Opera Internet Browser Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
| 1480 | C:\Users\admin\AppData\Local\Programs\Opera\119.0.5497.56\opera_crashreporter.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=119.0.5497.56 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2d4,0x7ffc6feb9f00,0x7ffc6feb9f10,0x7ffc6feb9f20 | C:\Users\admin\AppData\Local\Programs\Opera\119.0.5497.56\opera_crashreporter.exe | opera.exe | ||||||||||||
User: admin Company: Opera Software Integrity Level: MEDIUM Description: Opera crash-reporter Exit code: 0 Version: 119.0.5497.56 Modules
| |||||||||||||||
Total events
28 236
Read events
27 573
Write events
645
Delete events
18
Modification events
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS |
| Operation: | write | Name: | EnableFileTracing |
Value: 0 | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS |
| Operation: | write | Name: | EnableAutoFileTracing |
Value: 0 | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS |
| Operation: | write | Name: | EnableConsoleTracing |
Value: 0 | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS |
| Operation: | write | Name: | FileTracingMask |
Value: | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS |
| Operation: | write | Name: | ConsoleTracingMask |
Value: | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS |
| Operation: | write | Name: | MaxFileSize |
Value: 1048576 | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASMANCS |
| Operation: | write | Name: | FileDirectory |
Value: %windir%\tracing | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32 |
| Operation: | write | Name: | EnableFileTracing |
Value: 0 | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32 |
| Operation: | write | Name: | EnableAutoFileTracing |
Value: 0 | |||
| (PID) Process: | (2036) 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RASAPI32 |
| Operation: | write | Name: | EnableConsoleTracing |
Value: 0 | |||
Executable files
29
Suspicious files
526
Text files
568
Unknown types
160
Dropped files
PID | Process | Filename | Type | |
|---|---|---|---|---|
| 3780 | setup.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\59D76868C250B3240414CE3EFBB12518_9AD8E6D69BA520C5190A9B86E29789D5 | binary | |
MD5:88E90BA3DD39C6B264E0781C5E564F65 | SHA256:BFF7CA7F282992D65063510F7DA664D8BDFB94D0FDAF870B07893D8D87CECBD1 | |||
| 3780 | setup.exe | C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\5C651ZXJ\Opera_119.0.5497.56_Autoupdate_x64[1].exe | — | |
MD5:— | SHA256:— | |||
| 3780 | setup.exe | C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202505282012361\opera_package | — | |
MD5:— | SHA256:— | |||
| 3780 | setup.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12 | der | |
MD5:4A90329071AE30B759D279CCA342B0A6 | SHA256:4F544379EDA8E2653F71472AB968AEFD6B5D1F4B3CE28A5EDB14196184ED3B60 | |||
| 3624 | setup.exe | C:\Users\admin\AppData\Local\Temp\Opera_installer_2505282012362613624.dll | executable | |
MD5:695DF725CC51AB630158814D88A24941 | SHA256:AC9F2B9A576CCA083C7C73BB3C7920EEE93037F622ADDBF56B0AC21761B061D2 | |||
| 2036 | 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | C:\Users\admin\AppData\Local\Temp\OperaSetup.exe | executable | |
MD5:ABD4D6E5AA54D14B7907C1E112EB1823 | SHA256:73624645E629E083ED12131DE9D3220640490E0D34CFE06FB53CFFC1B92683EB | |||
| 3780 | setup.exe | C:\Users\admin\AppData\Local\Temp\Opera_installer_2505282012360893780.dll | executable | |
MD5:695DF725CC51AB630158814D88A24941 | SHA256:AC9F2B9A576CCA083C7C73BB3C7920EEE93037F622ADDBF56B0AC21761B061D2 | |||
| 3780 | setup.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\26C212D9399727259664BDFCA073966E_B7ED31D77D311A56FDCB56A0083B3E0B | binary | |
MD5:92E7219634A38E5B83D8ADFDA411CA37 | SHA256:6EA346473CC9FDC37AACE7BBC7D37AB936FD7823CAA4E06E2D43C21B12877534 | |||
| 3780 | setup.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\59D76868C250B3240414CE3EFBB12518_9AD8E6D69BA520C5190A9B86E29789D5 | der | |
MD5:4CAF6B119812C6C8EDE5938762A4F828 | SHA256:DE6036C424716EB2F45178510CF2C6C2C6F6A8453BE36F442E3D7EA6BC193E86 | |||
| 3780 | setup.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\26C212D9399727259664BDFCA073966E_B7ED31D77D311A56FDCB56A0083B3E0B | der | |
MD5:BABDBE1CCF0266E763C7A9AC3DFF4DC0 | SHA256:FAAAA7512EB38F4A93E273EF3B12589519CA1F386E9778B063C40ACE43E12C84 | |||
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
33
TCP/UDP connections
105
DNS requests
101
Threats
19
HTTP requests
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
|---|---|---|---|---|---|---|---|---|---|
5268 | smartscreen.exe | GET | 200 | 208.89.74.27:80 | http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?775d74272afde552 | unknown | — | — | whitelisted |
5268 | smartscreen.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D | unknown | — | — | whitelisted |
2036 | 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | GET | 200 | 208.95.112.1:80 | http://ip-api.com/json | unknown | — | — | whitelisted |
3780 | setup.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAz1vQYrVgL0erhQLCPM8GY%3D | unknown | — | — | whitelisted |
3780 | setup.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSnxLiz3Fu1WB6n1%2FE6xWn1b0jXiQQUdIWAwGbH3zfez70pN6oDHb7tzRcCEA17ZgsSl63KHstWnAbUez0%3D | unknown | — | — | whitelisted |
3780 | setup.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAsA6S1NbXMfyjBZx8seGIY%3D | unknown | — | — | whitelisted |
3780 | setup.exe | GET | 200 | 216.58.206.35:80 | http://c.pki.goog/r/r4.crl | unknown | — | — | whitelisted |
3780 | setup.exe | GET | 200 | 216.58.206.35:80 | http://c.pki.goog/r/gsr1.crl | unknown | — | — | whitelisted |
1352 | svchost.exe | GET | 200 | 184.25.50.48:80 | http://www.msftconnecttest.com/connecttest.txt | unknown | — | — | whitelisted |
3780 | setup.exe | GET | 200 | 2.23.77.188:80 | http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEA6bGI750C3n79tQ4ghAGFo%3D | unknown | — | — | whitelisted |
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
Connections
PID | Process | IP | Domain | ASN | CN | Reputation |
|---|---|---|---|---|---|---|
5268 | smartscreen.exe | 20.82.9.214:443 | checkappexec.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
5268 | smartscreen.exe | 208.89.74.27:80 | ctldl.windowsupdate.com | — | US | whitelisted |
5268 | smartscreen.exe | 2.23.77.188:80 | ocsp.digicert.com | AKAMAI-AS | DE | whitelisted |
1352 | svchost.exe | 184.25.50.104:80 | — | Akamai International B.V. | DE | unknown |
3952 | svchost.exe | 239.255.255.250:1900 | — | — | — | whitelisted |
4576 | MoUsoCoreWorker.exe | 20.73.194.208:443 | settings-win.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | NL | whitelisted |
2036 | 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | 208.95.112.1:80 | ip-api.com | TUT-AS | US | whitelisted |
2276 | svchost.exe | 2.16.185.191:443 | fs.microsoft.com | AKAMAI-AS | DE | whitelisted |
2036 | 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | 199.232.210.172:443 | ctldl.windowsupdate.com | FASTLY | US | whitelisted |
2036 | 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | 185.26.182.112:443 | net.geo.opera.com | Opera Software AS | — | whitelisted |
DNS requests
Domain | IP | Reputation |
|---|---|---|
checkappexec.microsoft.com |
| whitelisted |
ctldl.windowsupdate.com |
| whitelisted |
ocsp.digicert.com |
| whitelisted |
settings-win.data.microsoft.com |
| whitelisted |
ip-api.com |
| whitelisted |
fs.microsoft.com |
| whitelisted |
download.visualstudio.microsoft.com |
| whitelisted |
net.geo.opera.com |
| whitelisted |
desktop-netinstaller-sub.osp.opera.software |
| whitelisted |
autoupdate.opera.com |
| whitelisted |
Threats
PID | Process | Class | Message |
|---|---|---|---|
1664 | svchost.exe | Device Retrieving External IP Address Detected | INFO [ANY.RUN] External IP Check (ip-api .com) |
1664 | svchost.exe | Device Retrieving External IP Address Detected | ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com) |
2036 | 941e3fdc3bcf2ae722034519e5c06140202b8636c6e1836d357d81fc1f53a4a9.bin.exe | Device Retrieving External IP Address Detected | ET INFO External IP Lookup ip-api.com |
1352 | svchost.exe | Misc activity | ET INFO Microsoft Connection Test |
5180 | opera.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com) |
5180 | opera.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com) |
5180 | opera.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
5180 | opera.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
5180 | opera.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com) |
5180 | opera.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt |
Process | Message |
|---|---|
assistant_installer.exe | [0528/201308.989:INFO:assistant_installer_main.cc(168)] Running assistant installer with command line "C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202505282012361\assistant\assistant_installer.exe" --version
|
assistant_installer.exe | [0528/201323.477:INFO:assistant_installer_main.cc(168)] Running assistant installer with command line "C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202505282012361\assistant\assistant_installer.exe" --installfolder="C:\Users\admin\AppData\Local\Programs\Opera\assistant" --copyonly=0 --allusers=0
|
assistant_installer.exe | [0528/201323.649:INFO:assistant_installer.cc(304)] Setting up the registry
|
assistant_installer.exe | [0528/201323.790:INFO:assistant_installer.cc(355)] Creating scheduled task
|
assistant_installer.exe | [0528/201323.852:INFO:assistant_installer_main.cc(168)] Running assistant installer with command line "C:\Users\admin\AppData\Local\Programs\Opera\assistant\assistant_installer.exe" --installfolder="C:\Users\admin\AppData\Local\Programs\Opera\assistant" --run-assistant --allusers=0
|
assistant_installer.exe | [0528/201323.852:INFO:assistant_installer.cc(265)] Running Assistant
|
browser_assistant.exe | [0528/201325.962:ERROR:tracking_data_utils.cc(72)] Can't read edition: missing value.
|
browser_assistant.exe | [0528/201327.851:INFO:browser_installation_event_reporter.cc(142)] Installed browsers:
|
browser_assistant.exe | [0528/201327.851:INFO:browser_installation_event_reporter.cc(144)] Firefox
|
browser_assistant.exe | [0528/201327.851:INFO:browser_installation_event_reporter.cc(144)] Chrome
|