File name:

Blinky_0.1.zip

Full analysis: https://app.any.run/tasks/a1a1d237-a017-4267-9f2d-ccf8ad73d29a
Verdict: Malicious activity
Analysis date: August 24, 2024, 16:17:35
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v1.0 to extract, compression method=store
MD5:

550702579C13A9A28E59662942CF9B3B

SHA1:

2CC57D1624E3217BB37FD4F78D7D42637E3C23FC

SHA256:

99F8A4FB14B382D0E9FE0189CD8E4053C4E53641EE6B10C78A5B516873425B13

SSDEEP:

12288:B7FNJnlIAgHwqfVQ/fCIZwYHn9XJlFwqHz3CI59uqtXjFmjxP:dFrnlIAYwqdQyIZwYHn9XJTdHz3CI59y

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Drops the executable file immediately after the start

      • WinRAR.exe (PID: 6720)

    • Reads security settings of Internet Explorer

      • WinRAR.exe (PID: 6720)

    • Drops a system driver (possible attempt to evade defenses)

      • WinRAR.exe (PID: 6720)

  • INFO

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 6720)

    • Application launched itself

      • firefox.exe (PID: 5908)
      • firefox.exe (PID: 4248)

    • Reads Microsoft Office registry keys

      • firefox.exe (PID: 5908)

    • Manual execution by a user

      • firefox.exe (PID: 4248)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 10
ZipBitFlag: -
ZipCompression: None
ZipModifyDate: 2024:01:21 18:36:32
ZipCRC: 0x00000000
ZipCompressedSize: -
ZipUncompressedSize: -
ZipFileName: Blinky/
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
160
Monitored processes
26
Malicious processes
1
Suspicious processes
0

Behavior graph

Click at the process to see the details
start winrar.exe blinky.exe no specs blinky.exe conhost.exe no specs blinky.exe no specs blinky.exe conhost.exe no specs blinky.exe no specs blinky.exe conhost.exe no specs firefox.exe no specs firefox.exe firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs firefox.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
208"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6852 -childID 6 -isForBrowser -prefsHandle 6772 -prefMapHandle 6820 -prefsLen 31161 -prefMapSize 244343 -jsInitHandle 1480 -jsInitLen 235124 -parentBuildID 20240213221259 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {39c2186a-e800-4821-840e-78c19146ce0d} 5908 "\\.\pipe\gecko-crash-server-pipe.5908" 21165b81d90 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll
568"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5768 -childID 4 -isForBrowser -prefsHandle 5772 -prefMapHandle 5776 -prefsLen 31161 -prefMapSize 244343 -jsInitHandle 1480 -jsInitLen 235124 -parentBuildID 20240213221259 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {520200a5-4a9f-4e5e-b3a3-33478ae22629} 5908 "\\.\pipe\gecko-crash-server-pipe.5908" 2116231ea10 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll
1944"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5128 -parentBuildID 20240213221259 -sandboxingKind 0 -prefsHandle 5240 -prefMapHandle 5160 -prefsLen 36339 -prefMapSize 244343 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eb7d6d4d-95cf-4525-8d57-b9217e85c5a8} 5908 "\\.\pipe\gecko-crash-server-pipe.5908" 21162f49310 utilityC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll
2248"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5892 -childID 8 -isForBrowser -prefsHandle 5436 -prefMapHandle 7068 -prefsLen 31242 -prefMapSize 244343 -jsInitHandle 1480 -jsInitLen 235124 -parentBuildID 20240213221259 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {34ed487e-54bb-4241-83e8-9170661825cb} 5908 "\\.\pipe\gecko-crash-server-pipe.5908" 2115a1634d0 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll
2268"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6620 -parentBuildID 20240213221259 -prefsHandle 6628 -prefMapHandle 5824 -prefsLen 34713 -prefMapSize 244343 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4bfb3be3-b059-4a6c-86f9-56a4cd39e255} 5908 "\\.\pipe\gecko-crash-server-pipe.5908" 211634e8e10 rddC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll
2396"C:\Users\admin\AppData\Local\Temp\Rar$EXa6720.7942\Blinky\Blinky.exe" C:\Users\admin\AppData\Local\Temp\Rar$EXa6720.7942\Blinky\Blinky.exeWinRAR.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
3221226540
Modules
Images
c:\users\admin\appdata\local\temp\rar$exa6720.7942\blinky\blinky.exe
c:\windows\system32\ntdll.dll
3992"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5756 -childID 7 -isForBrowser -prefsHandle 5904 -prefMapHandle 5920 -prefsLen 31242 -prefMapSize 244343 -jsInitHandle 1480 -jsInitLen 235124 -parentBuildID 20240213221259 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {32702fcc-3164-48e2-b181-6953e4794e81} 5908 "\\.\pipe\gecko-crash-server-pipe.5908" 2115a163f50 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll
4076"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5980 -childID 5 -isForBrowser -prefsHandle 6056 -prefMapHandle 6052 -prefsLen 31161 -prefMapSize 244343 -jsInitHandle 1480 -jsInitLen 235124 -parentBuildID 20240213221259 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {29110405-883b-43be-94ea-10441e3358f7} 5908 "\\.\pipe\gecko-crash-server-pipe.5908" 2116231ebd0 tabC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Exit code:
0
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll
4248"C:\Program Files\Mozilla Firefox\firefox.exe" C:\Program Files\Mozilla Firefox\firefox.exeexplorer.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
MEDIUM
Description:
Firefox
Exit code:
0
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\program files\mozilla firefox\msvcp140.dll
c:\program files\mozilla firefox\vcruntime140.dll
c:\windows\system32\crypt32.dll
c:\program files\mozilla firefox\vcruntime140_1.dll
4344"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2264 -parentBuildID 20240213221259 -prefsHandle 2256 -prefMapHandle 2252 -prefsLen 30537 -prefMapSize 244343 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {014f0572-09be-4c4b-98d2-7ec3a0f3fd19} 5908 "\\.\pipe\gecko-crash-server-pipe.5908" 2114d880110 socketC:\Program Files\Mozilla Firefox\firefox.exefirefox.exe
User:
admin
Company:
Mozilla Corporation
Integrity Level:
LOW
Description:
Firefox
Version:
123.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll
Total events
25 245
Read events
25 166
Write events
78
Delete events
1

Modification events

(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\Interface\Themes
Operation:writeName:ShellExtBMP
Value:
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\Interface\Themes
Operation:writeName:ShellExtIcon
Value:
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation:writeName:1
Value:
C:\Users\admin\Desktop\GoogleChromeEnterpriseBundle64.zip
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\ArcHistory
Operation:writeName:0
Value:
C:\Users\admin\AppData\Local\Temp\Blinky_0.1.zip
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:name
Value:
120
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:size
Value:
80
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:type
Value:
120
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\WinRAR\FileList\FileColumnWidths
Operation:writeName:mtime
Value:
100
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:ProxyBypass
Value:
1
(PID) Process:(6720) WinRAR.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:IntranetName
Value:
1
Executable files
10
Suspicious files
160
Text files
12
Unknown types
0

Dropped files

PID
Process
Filename
Type
6720WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$EXa6720.7334\Blinky\Blinky.exeexecutable
MD5:2A0FD6F9C3301049F0F4F15F2DCFF1D5
SHA256:25907C7014E0C6F2E304A5F3C2CCA35E7EE49CEAA711CB9CCAD68BB60C3595ED
6720WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$EXa6720.7942\Blinky\Blinky.exeexecutable
MD5:2A0FD6F9C3301049F0F4F15F2DCFF1D5
SHA256:25907C7014E0C6F2E304A5F3C2CCA35E7EE49CEAA711CB9CCAD68BB60C3595ED
5908firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9kie7cg6.default-release\sessionCheckpoints.jsonbinary
MD5:EA8B62857DFDBD3D0BE7D7E4A954EC9A
SHA256:792955295AE9C382986222C6731C5870BD0E921E7F7E34CC4615F5CD67F225DA
5908firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9kie7cg6.default-release\cookies.sqlite-shmbinary
MD5:B7C14EC6110FA820CA6B65F5AEC85911
SHA256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
5908firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9kie7cg6.default-release\sessionCheckpoints.json.tmpbinary
MD5:EA8B62857DFDBD3D0BE7D7E4A954EC9A
SHA256:792955295AE9C382986222C6731C5870BD0E921E7F7E34CC4615F5CD67F225DA
5908firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9kie7cg6.default-release\SiteSecurityServiceState.binbinary
MD5:1F190EB7231007C6265F7908BEFCA910
SHA256:DB228A048B23B467F0EEC421CAF8E247130960BE57B27EF7AA3367FAA3AE2465
5908firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9kie7cg6.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.sqlite-shmbinary
MD5:B7C14EC6110FA820CA6B65F5AEC85911
SHA256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
6720WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$EXa6720.9301\Blinky\Blinky.exeexecutable
MD5:2A0FD6F9C3301049F0F4F15F2DCFF1D5
SHA256:25907C7014E0C6F2E304A5F3C2CCA35E7EE49CEAA711CB9CCAD68BB60C3595ED
5908firefox.exeC:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\9kie7cg6.default-release\prefs.jstext
MD5:29B10FAF49FE9A4A8898BCD01829224C
SHA256:D747DA7D5044C6288FE05C0BDBF233BB367C99FC1BAFFDDF6690BC633FD9BF02
6720WinRAR.exeC:\Users\admin\AppData\Local\Temp\Rar$DIa6720.9856\WinDivert64.sysexecutable
MD5:3BD5AC2E9D96E680F5DBDD183A58C47D
SHA256:208C092FE77F161C5A313B916D73FA7F6D10DD289BAB8BB5DFB3D59AACB27F25
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
47
TCP/UDP connections
151
DNS requests
181
Threats
1

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
6420
SIHClient.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
5796
svchost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
5336
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D
unknown
whitelisted
5336
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
5908
firefox.exe
GET
200
34.107.221.82:80
http://detectportal.firefox.com/success.txt?ipv4
unknown
whitelisted
5908
firefox.exe
GET
200
34.107.221.82:80
http://detectportal.firefox.com/canonical.html
unknown
whitelisted
5908
firefox.exe
POST
200
142.250.185.131:80
http://o.pki.goog/wr2
unknown
unknown
5908
firefox.exe
POST
200
184.24.77.71:80
http://r11.o.lencr.org/
unknown
unknown
5908
firefox.exe
POST
200
184.24.77.71:80
http://r11.o.lencr.org/
unknown
unknown
5908
firefox.exe
POST
200
2.16.241.8:80
http://r10.o.lencr.org/
unknown
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
5904
svchost.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
2120
MoUsoCoreWorker.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
2400
RUXIMICS.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
4
System
192.168.100.255:138
whitelisted
4
System
192.168.100.255:137
whitelisted
5904
svchost.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
3260
svchost.exe
40.113.110.67:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
5796
svchost.exe
40.126.32.72:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
unknown
5796
svchost.exe
192.229.221.95:80
ocsp.digicert.com
EDGECAST
US
whitelisted
6420
SIHClient.exe
13.85.23.86:443
slscr.update.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 40.127.240.158
  • 51.124.78.146
whitelisted
google.com
  • 142.250.186.78
whitelisted
client.wns.windows.com
  • 40.113.110.67
whitelisted
login.live.com
  • 40.126.32.72
  • 40.126.32.136
  • 40.126.32.133
  • 40.126.32.74
  • 40.126.32.76
  • 20.190.160.17
  • 40.126.32.138
  • 40.126.32.68
whitelisted
ocsp.digicert.com
  • 192.229.221.95
whitelisted
slscr.update.microsoft.com
  • 13.85.23.86
whitelisted
www.microsoft.com
  • 184.30.21.171
whitelisted
fe3cr.delivery.mp.microsoft.com
  • 52.165.164.15
whitelisted
www.bing.com
  • 104.126.37.155
  • 104.126.37.147
  • 104.126.37.153
  • 104.126.37.162
  • 104.126.37.152
  • 104.126.37.137
  • 104.126.37.136
  • 104.126.37.146
  • 104.126.37.139
whitelisted
th.bing.com
  • 104.126.37.170
  • 104.126.37.161
  • 104.126.37.153
  • 104.126.37.171
  • 104.126.37.154
  • 104.126.37.155
  • 104.126.37.152
  • 104.126.37.160
  • 104.126.37.176
whitelisted

Threats

PID
Process
Class
Message
2256
svchost.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
Blinky_0.1.zip