File name:

Audacity_Installer_via_MuseHub.exe

Full analysis: https://app.any.run/tasks/386b3c06-9257-49f4-a79a-e597c1b6facd
Verdict: Malicious activity
Analysis date: July 18, 2025, 04:38:29
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags:
auto-reg
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32+ executable (GUI) x86-64, for MS Windows, 6 sections
MD5:

9796E569AD231B4122B921F877BDC675

SHA1:

5D9D2AB081AAC44CBA19B3AEC384F8E0BA65F166

SHA256:

9C461A9CC008E4820AACED99E6749CE25F97B0C7311403058A96F3FF8C8CF2CE

SSDEEP:

393216:kWc+PeCNo0eY8UgWBco9y/jroqskLaaVf6xKMTiTcH6Za6Z0:vc+PeOWUgWBcayHsc8JwZaI0

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Changes the autorun value in the registry

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)

  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • MuseHub.exe (PID: 6764)

    • Reads security settings of Internet Explorer

      • MuseHub.exe (PID: 6764)
      • MuseHub.exe (PID: 3540)

    • The process creates files with name similar to system file names

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)

    • Process drops legitimate windows executable

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)

    • Creates a software uninstall entry

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)

    • Executes as Windows Service

      • MuseAuthService.exe (PID: 3620)

  • INFO

    • The sample compiled with english language support

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • MuseHub.exe (PID: 6764)

    • Creates files in the program directory

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • MuseAuthService.exe (PID: 3620)
      • MuseHub.exe (PID: 6764)

    • Reads Environment values

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • MuseAuthService.exe (PID: 3620)
      • identity_helper.exe (PID: 7824)

    • Reads the computer name

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • MuseHub.exe (PID: 6764)
      • MuseAuthService.exe (PID: 3620)
      • identity_helper.exe (PID: 7824)
      • MuseHub.exe (PID: 3540)

    • Checks proxy server information

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • slui.exe (PID: 8016)
      • MuseHub.exe (PID: 6764)

    • Create files in a temporary directory

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)

    • Checks supported languages

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • MuseAuthService.exe (PID: 3620)
      • MuseHub.exe (PID: 6764)
      • identity_helper.exe (PID: 7824)
      • MuseHub.exe (PID: 3540)

    • Reads the software policy settings

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • slui.exe (PID: 8016)
      • MuseHub.exe (PID: 6764)

    • Launching a file from a Registry key

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)

    • Manual execution by a user

      • MuseHub.exe (PID: 6764)
      • MuseHub.exe (PID: 3540)

    • Reads the machine GUID from the registry

      • Audacity_Installer_via_MuseHub.exe (PID: 6344)
      • MuseHub.exe (PID: 6764)

    • Creates files or folders in the user directory

      • MuseHub.exe (PID: 6764)

    • Application launched itself

      • msedge.exe (PID: 4788)
      • msedge.exe (PID: 3100)

    • Process checks computer location settings

      • MuseHub.exe (PID: 6764)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win64 Executable (generic) (87.3)
.exe | Generic Win/DOS Executable (6.3)
.exe | DOS Executable Generic (6.3)

EXIF

EXE

MachineType: AMD AMD64
TimeStamp: 2098:11:03 03:54:42+00:00
ImageFileCharacteristics: Executable, Large address aware
PEType: PE32+
LinkerVersion: 14.44
CodeSize: 435200
InitializedDataSize: 48161280
UninitializedDataSize: -
EntryPoint: 0x60c30
OSVersion: 6
ImageVersion: -
SubsystemVersion: 6
Subsystem: Windows GUI
FileVersionNumber: 2.3.8.1908
ProductVersionNumber: 2.3.8.1908
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Windows NT 32-bit
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Unicode
CompanyName: Muse Group
FileDescription: MuseHub Installer
FileVersion: 2.3.8.1908
InternalName: MuseHub.Installer.exe
LegalCopyright: Copyright (C) 2025 Muse Group
OriginalFileName: MuseHub.Installer.exe
ProductName: MuseHub Installer
ProductVersion: 2.3.8.1908
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
161
Monitored processes
31
Malicious processes
1
Suspicious processes
0

Behavior graph

Click at the process to see the details
start audacity_installer_via_musehub.exe museauthservice.exe no specs musehub.exe musehub.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs identity_helper.exe no specs identity_helper.exe no specs msedge.exe no specs slui.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs audacity_installer_via_musehub.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
188"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --disable-quic --string-annotations --always-read-main-dll --field-trial-handle=6088,i,5561829142636562993,8449415283889297923,262144 --variations-seed-version --mojo-platform-channel-handle=6112 /prefetch:8C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
892"C:\Users\admin\Desktop\Audacity_Installer_via_MuseHub.exe" C:\Users\admin\Desktop\Audacity_Installer_via_MuseHub.exeexplorer.exe
User:
admin
Company:
Muse Group
Integrity Level:
MEDIUM
Description:
MuseHub Installer
Exit code:
3221226540
Version:
2.3.8.1908
Modules
Images
c:\users\admin\desktop\audacity_installer_via_musehub.exe
c:\windows\system32\ntdll.dll
1288"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --disable-quic --string-annotations --always-read-main-dll --field-trial-handle=2224,i,5561829142636562993,8449415283889297923,262144 --variations-seed-version --mojo-platform-channel-handle=3180 /prefetch:8C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
1800"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2636,i,5561829142636562993,8449415283889297923,262144 --variations-seed-version --mojo-platform-channel-handle=2620 /prefetch:2C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
2524"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3600,i,5561829142636562993,8449415283889297923,262144 --variations-seed-version --mojo-platform-channel-handle=3648 /prefetch:1C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
3100"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://identity.musehub.com/a8d1bf85-f21d-49c9-9960-b7b6f09ecca8/b2c_1a_signup_signin_customer/oauth2/v2.0/authorize?response_type=code&scope=openid%20profile%20offline_access%20https%3A%2F%2Fidentity.musehub.com%2F5eb80cdc-9083-4138-83e1-12bf77322c39%2Fdefault%20&response_mode=query&redirect_uri=http%3A%2F%2F127.0.0.1%3A4050/museIdCallback&client_id=1811a9fa-1245-4af0-afb8-8660f35ebe6a&state=T0aNMPYJG2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&code_challenge=GHDjoADgHv3RcRhAk1Z8QU4xx3FCQpEPA_35gLIVty0&code_challenge_method=S256C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeMuseHub.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
3480"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3224,i,5561829142636562993,8449415283889297923,262144 --variations-seed-version --mojo-platform-channel-handle=3608 /prefetch:1C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
3540"C:\Program Files\MuseHub\current\MuseHub.exe" "----ms-protocol:ms-encodedlaunch:App?ContractId=Windows.StartupTask&TaskId=MuseHub"C:\Program Files\MuseHub\current\MuseHub.exeexplorer.exe
User:
admin
Company:
MuseHub
Integrity Level:
MEDIUM
Description:
MuseHub
Exit code:
0
Version:
2.3.8.1908
Modules
Images
c:\program files\musehub\current\musehub.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
3620"C:\Program Files\MuseHub\current\MuseAuthService.exe"C:\Program Files\MuseHub\current\MuseAuthService.exeservices.exe
User:
SYSTEM
Company:
Muse Group
Integrity Level:
SYSTEM
Description:
MuseHub Authorization Service
Version:
1.0.0.0
Modules
Images
c:\program files\musehub\current\museauthservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\bcrypt.dll
3860"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --disable-quic --message-loop-type-ui --string-annotations --always-read-main-dll --field-trial-handle=4972,i,5561829142636562993,8449415283889297923,262144 --variations-seed-version --mojo-platform-channel-handle=5988 /prefetch:8C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exemsedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
Total events
16 134
Read events
16 082
Write events
52
Delete events
0

Modification events

(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:DisplayName
Value:
MuseHub
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:DisplayVersion
Value:
2.3.8.1908
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:DisplayIcon
Value:
C:\Program Files\MuseHub\current\Assets\logo.ico
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:Publisher
Value:
Muse Group
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:InstallLocation
Value:
C:\Program Files\MuseHub\current\
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:UninstallString
Value:
C:\Program Files\MuseHub\current\MuseHub.Uninstaller.exe
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:QuietUninstallString
Value:
"C:\Program Files\MuseHub\current\MuseHub.Uninstaller.exe" --silent
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:InstallDate
Value:
20250718
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:HelpLink
Value:
https://musehub.com
(PID) Process:(6344) Audacity_Installer_via_MuseHub.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MuseHub
Operation:writeName:URLUpdateInfo
Value:
https://musehub.com
Executable files
455
Suspicious files
168
Text files
185
Unknown types
1

Dropped files

PID
Process
Filename
Type
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\Sentry\376c8781-db39-497e-1a7e-8e36a021edd5.run\session.jsonbinary
MD5:85D182ADF6DFD2E6F9EF1EB2583D738D
SHA256:F63B7094E22FE826802E5CCE6D0ADD16656276C4261010E796902A783491152D
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\Installer_2025_7_18_4_38_54.logtext
MD5:CA1C21EFC317F5A2AE1647DADFD3AC9D
SHA256:E4582E38CCFF272E68EF6816F3329F672B647445E305F322ECD7EA9AAA02E28D
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\ZIP_MUSEHUB\Assets\Images\AppList.scale-100.pngimage
MD5:B10DEDA7F5E200937F9E1EB136277E58
SHA256:EE9DCBF1FDDA2D2DC78731C17C031BB38D7FC5722A87BD243EA927EA0F2D2CDD
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\ZIP_MUSEHUB\Assets\Images\Courses\plugins2.scale-200.jpgimage
MD5:A282BAE50F41AB3FD9CAF80565D7E510
SHA256:3C7900549CD89D4B54637E91B219CD9BAD62E62111258649B984553920DE66B9
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\ZIP_MUSEHUB\Assets\Fonts\MuseSansMonoVF.ttfbinary
MD5:030359C1C5C7655A561EBB3006766F8C
SHA256:F2BEF118E288E862FE493F61C26BC0F4CB961D2726010A21D7BD098FE7935485
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\ZIP_MUSEHUB\Assets\Fonts\Segoe Fluent Icons.ttfbinary
MD5:460A1FFA29FBC20E97861B497601C552
SHA256:82F5DC0E0CB9F41EFAD49E5423C76768AE0FC96E062A0893B6C729B863033013
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\ZIP_MUSEHUB\Assets\Fonts\MuseDisplay-Harmony.ttfbinary
MD5:90CDE48C3C685461BAACBF24961896CC
SHA256:E287419D17F18C23ED00FBC19D8BB16151AC895685D974A1119ED32036095024
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\ZIP_MUSEHUB\Assets\Images\Courses\plugins2.scale-100.jpgimage
MD5:66C12A450F9BEE86636582F6FFA981EB
SHA256:B5EA454934E2854C7796C36BB80A31412C2D3C5E5BA9F98AC57B3BFE2278164A
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\ZIP_MUSEHUB\Assets\Fonts\MuseSansVF.ttfbinary
MD5:9D35672A924713D1443DBBD20F5638DA
SHA256:F74F334BA24E1812763DE35EEB838A695D2EBF829EA5AE9C69F0A75B04D78103
6344Audacity_Installer_via_MuseHub.exeC:\Users\admin\AppData\Local\Temp\MuseHub\Installer\ZIP_MUSEHUB\Assets\Images\Courses\plugins1.scale-200.jpgimage
MD5:FF3A869D32CBA490D305764E3E954CBF
SHA256:8AD941F3E7D020BF1FDC8BF350A663871FCFEDDD3E15319656C193388419F636
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
174
TCP/UDP connections
144
DNS requests
75
Threats
16

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
1268
svchost.exe
GET
200
23.55.110.211:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
GET
200
23.55.110.211:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
1268
svchost.exe
GET
200
23.3.109.244:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
5944
MoUsoCoreWorker.exe
GET
200
23.3.109.244:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
GET
200
23.3.109.244:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
POST
400
20.190.159.2:443
https://login.live.com/ppsecure/deviceaddcredential.srf
unknown
text
203 b
whitelisted
POST
200
20.190.159.2:443
https://login.live.com/RST2.srf
unknown
xml
1.24 Kb
whitelisted
POST
400
40.126.31.67:443
https://login.live.com/ppsecure/deviceaddcredential.srf
unknown
text
203 b
whitelisted
POST
400
40.126.31.129:443
https://login.live.com/ppsecure/deviceaddcredential.srf
unknown
whitelisted
POST
400
20.190.159.129:443
https://login.live.com/ppsecure/deviceaddcredential.srf
unknown
text
203 b
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
20.73.194.208:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
4
System
192.168.100.255:138
whitelisted
1268
svchost.exe
23.55.110.211:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
23.55.110.211:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
1268
svchost.exe
23.3.109.244:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
5944
MoUsoCoreWorker.exe
23.3.109.244:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
23.3.109.244:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
20.190.160.66:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 20.73.194.208
  • 4.231.128.59
whitelisted
google.com
  • 142.250.186.110
whitelisted
crl.microsoft.com
  • 23.55.110.211
  • 23.55.110.193
  • 23.216.77.6
  • 23.216.77.28
whitelisted
www.microsoft.com
  • 23.3.109.244
  • 184.30.21.171
whitelisted
login.live.com
  • 20.190.160.66
  • 20.190.160.5
  • 20.190.160.22
  • 20.190.160.65
  • 40.126.32.68
  • 40.126.32.72
  • 40.126.32.133
  • 40.126.32.140
whitelisted
slscr.update.microsoft.com
  • 52.149.20.212
whitelisted
o4507384982339584.ingest.de.sentry.io
  • 34.120.62.213
whitelisted
cosmos-customer-webservice.azurewebsites.net
  • 20.119.0.23
unknown
fe3cr.delivery.mp.microsoft.com
  • 20.242.39.171
whitelisted
production-v2.muse-cdn.com
  • 172.67.69.47
  • 104.26.11.244
  • 104.26.10.244
unknown

Threats

PID
Process
Class
Message
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
2200
svchost.exe
Misc activity
ET INFO Abused Hosting Domain in DNS Lookup (azurewebsites .net)
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
6764
MuseHub.exe
Misc activity
ET INFO Abused Hosting Domain (azurewebsites .net) in TLS SNI
Process
Message
MuseHub.exe
MuseHub Information: 0 :
MuseHub.exe
2025-07-18 04:39:09.0916|INFO|Muse.Services.SettingsService|Reloading settings...
MuseHub.exe
MuseHub Information: 0 :
MuseHub.exe
2025-07-18 04:39:09.0947|INFO|Muse.Services.SettingsService|Settings file does not exist. Creating a new default settings file.
MuseHub.exe
MuseHub Information: 0 :
MuseHub.exe
2025-07-18 04:39:09.0947|INFO|Muse.Services.SettingsService|Saving settings...
MuseHub.exe
MuseHub Information: 0 :
MuseHub.exe
2025-07-18 04:39:09.4107|INFO|Muse.MuseWindow|Acquired logger for MuseWindow, entering startup sequence...
MuseHub.exe
MuseHub Information: 0 :
MuseHub.exe
2025-07-18 04:39:09.5091|INFO|Muse.MuseWindow|Ensuring file system is writable...
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
Audacity_Installer_via_MuseHub.exe