File name:

Marvels Spider-Man Remastered Free Download (v....exe

Full analysis: https://app.any.run/tasks/ed1ebe53-8b3c-4da7-a21b-8c9a6c5208ed
Verdict: Malicious activity
Analysis date: August 24, 2023, 05:08:17
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5:

69BF82A77843DE8C8899694E08F4C66B

SHA1:

E49AAA164F1E9F0772201B92C76D94E849EEEF40

SHA256:

9CE024E2937F6920EE75D1076A8D3A69C52B88937F6C93A5B85704E8E762B648

SSDEEP:

98304:uHhCYZT8iGX7vp4THYPihcnBm5Sj4bHgkbA33vc+y:uBCYZT8PXLMHY6IHjGgkU330+y

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Actions looks like stealing of personal data

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Loads dropped or rewritten executable

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
  • SUSPICIOUS

    • Reads the Internet Settings

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Executable content was dropped or overwritten

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Reads the Windows owner or organization settings

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Checks Windows Trust Settings

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Reads security settings of Internet Explorer

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Reads settings of System Certificates

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Searches for installed software

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Application launched itself

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
    • Adds/modifies Windows certificates

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
  • INFO

    • Reads the computer name

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Checks supported languages

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Reads the machine GUID from the registry

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Reads product name

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Reads Environment values

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Create files in a temporary directory

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
    • Creates files or folders in the user directory

      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3484)
      • Marvels Spider-Man Remastered Free Download (v....exe (PID: 3988)
No Malware configuration.

TRiD

.exe | Win64 Executable (generic) (49.4)
.scr | Windows screen saver (23.4)
.dll | Win32 Dynamic Link Library (generic) (11.7)
.exe | Win32 Executable (generic) (8)
.exe | Generic Win/DOS Executable (3.5)

EXIF

EXE

AssemblyVersion: 1.5.1.6578
ProductName: InstallCapital
OriginalFileName: GenericSetup.exe
LegalTrademarks: -
LegalCopyright: Copyright © Adaware 2023
InternalName: IC001.exe
FileDescription: Software Installation
CompanyName: IC001
Comments: -
ProductVersion: 7.14.2.0
FileVersion: 1.5.1.6578
CharacterSet: Unicode
LanguageCode: Neutral
FileSubtype: -
ObjectFileType: Executable application
FileOS: Windows NT 32-bit
FileFlags: (none)
FileFlagsMask: 0x003f
ProductVersionNumber: 7.14.2.0
FileVersionNumber: 1.5.1.6578
Subsystem: Windows GUI
SubsystemVersion: 4
ImageVersion: -
OSVersion: 4
EntryPoint: 0x3fe3ee
UninitializedDataSize: -
InitializedDataSize: 3584
CodeSize: 4178944
LinkerVersion: 6
PEType: PE32
ImageFileCharacteristics: Executable, No line numbers, No symbols, 32-bit
TimeStamp: 2023:03:27 19:51:35+00:00
MachineType: Intel 386 or later, and compatibles
Total processes: 40
Monitored processes: 2
Malicious processes: 2
Suspicious processes: 0

Behavior graph

[Graph nodes: start; marvels spider-man remastered free download (v....exe; marvels spider-man remastered free download (v....exe]

Process information

PID: 3484
CMD: "C:\Users\admin\AppData\Local\Temp\Marvels Spider-Man Remastered Free Download (v....exe"
Path: C:\Users\admin\AppData\Local\Temp\Marvels Spider-Man Remastered Free Download (v....exe
Parent process: explorer.exe
User: admin
Company: IC001
Integrity Level: MEDIUM
Description: Software Installation
Exit code: 0
Version: 1.5.1.6578
Modules (Images):
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\temp\marvels spider-man remastered free download (v....exe
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll

PID: 3988
CMD: "C:\Users\admin\AppData\Local\Temp\Marvels Spider-Man Remastered Free Download (v....exe" huac hpp=QzpcVXNlcnNcYWRtaW5cQXBwRGF0YVxMb2NhbFxUZW1wXE1hcnZlbHMgU3BpZGVyLU1hbiBSZW1hc3RlcmVkIEZyZWUgRG93bmxvYWQgKHYuLi4uZXhl
Path: C:\Users\admin\AppData\Local\Temp\Marvels Spider-Man Remastered Free Download (v....exe
Parent process: Marvels Spider-Man Remastered Free Download (v....exe
User: admin
Company: IC001
Integrity Level: HIGH
Description: Software Installation
Exit code: 0
Version: 1.5.1.6578
Modules (Images):
c:\users\admin\appdata\local\temp\marvels spider-man remastered free download (v....exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll

Total events: 10 963
Read events: 10 914
Write events: 49
Delete events: 0

Modification events

(PID) Process: (3484) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: ProxyBypass
Value: 1

(PID) Process: (3484) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: IntranetName
Value: 1

(PID) Process: (3484) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: UNCAsIntranet
Value: 1

(PID) Process: (3484) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: AutoDetect
Value: 0

(PID) Process: (3484) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\178\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3988) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: ProxyBypass
Value: 1

(PID) Process: (3988) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: IntranetName
Value: 1

(PID) Process: (3988) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: UNCAsIntranet
Value: 1

(PID) Process: (3988) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: AutoDetect
Value: 0

(PID) Process: (3988) Marvels Spider-Man Remastered Free Download (v....exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\178\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

Executable files: 20
Suspicious files: 4
Text files: 19
Unknown types: 0

Dropped files

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\vcruntime140.dll
Type: executable
MD5:1A84957B6E681FCA057160CD04E26B27
SHA256:9FAEAA45E8CC986AF56F28350B38238B03C01C355E9564B849604B8D690919C5

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OUtilities.dll
Type: executable
MD5:DE46930143BFC9B30F0F68EF2317A320
SHA256:FE4942CF5B5FDFD04E6AF4CDAA128FBADD35B9A4C6D7D6B4407A02CE55131932

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OModels.dll
Type: executable
MD5:E57646A871A04782FD546583A01D62B4
SHA256:F5138FE637E5B1B735FB2E54607147CEB973CC537AD07690EF1BCA27AC6DA4B5

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OViewModels.dll
Type: executable
MD5:0EF343471A5777B6F90D9AE85164449E
SHA256:295B970CD45CA0D9577D5CE875DE5CF92367FCB6C7794E525B00090FA1AD62D6

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\SciterWrapper.dll
Type: executable
MD5:6CBC4475B6AF8A6F68ED8696DF09FF2D
SHA256:51E42FF1D66F3042E512BE1DD60AC1C7B1A2A5307ACD191DFFCF24EF106C8970

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\OfferSDK.dll
Type: executable
MD5:1105B8B33B0F019651566B87959512E2
SHA256:9A059883BEE5177723B1A971172010A349DB64C1DD60FCB3BBF190FE0E78BB07

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2ODAL.dll
Type: executable
MD5:D7134E64BDCE2EA5FA7504781A57ADAA
SHA256:F28041AB9EDB612DA9E7C42BB4D940E69FB440D4CB786F969512E0B61E54E637

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Newtonsoft.Json.dll
Type: executable
MD5:9DE86CDF74A30602D6BAA7AFFC8C4A0F
SHA256:56032ADE45CCF8F4C259A2E57487124CF448A90BCA2EEB430DA2722D9E109583

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\IC001\Marvels_Spider-Man_Remast_Url_ervbnihfiao4jf5iyp2r2tcrfevw2b30\1.5.1.6578\user.config
Type: xml
MD5:C76D70D8440A273C2B2A2764F33323B8
SHA256:8F6658DFB498D9BC831670DFFD055D850D327A2DEFD82E1F24416316B037135D

PID: 3484
Process: Marvels Spider-Man Remastered Free Download (v....exe
Filename: C:\Users\admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\MyDownloader.Core.dll
Type: executable
MD5:F931E960CC4ED0D2F392376525FF44DB
SHA256:1C1C5330EA35F518BF85FAD69DC2DA1A98A4DFEADBF6AC0BA0AC7CC51BBCC870
HTTP(S) requests: 1
TCP/UDP connections: 14
DNS requests: 10
Threats: 2

HTTP requests

PID: 3988
Process: Marvels Spider-Man Remastered Free Download (v....exe
Method: GET
HTTP Code: 200
IP: 209.197.3.8:80
URL: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?651bb4fe8d2189e5
CN: US
Type: compressed
Size: 61.6 Kb
Reputation: whitelisted

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
3284 | svchost.exe | 239.255.255.250:1900 | - | - | - | whitelisted
3484 | Marvels Spider-Man Remastered Free Download (v....exe | 104.18.68.73:443 | h2oapi.adaware.com | CLOUDFLARENET | - | whitelisted
3988 | Marvels Spider-Man Remastered Free Download (v....exe | 104.18.68.73:443 | h2oapi.adaware.com | CLOUDFLARENET | - | whitelisted
3484 | Marvels Spider-Man Remastered Free Download (v....exe | 104.18.67.73:443 | h2oapi.adaware.com | CLOUDFLARENET | - | whitelisted
3988 | Marvels Spider-Man Remastered Free Download (v....exe | 104.17.8.52:443 | flow.lavasoft.com | CLOUDFLARENET | - | shared
3988 | Marvels Spider-Man Remastered Free Download (v....exe | 104.18.67.73:443 | h2oapi.adaware.com | CLOUDFLARENET | - | whitelisted
3988 | Marvels Spider-Man Remastered Free Download (v....exe | 2.19.126.79:443 | cdn-download.avgbrowser.com | Akamai International B.V. | DE | suspicious
3988 | Marvels Spider-Man Remastered Free Download (v....exe | 209.197.3.8:80 | ctldl.windowsupdate.com | STACKPATH-CDN | US | whitelisted
3988 | Marvels Spider-Man Remastered Free Download (v....exe | 185.31.172.243:443 | kodi.mirror.liteserver.nl | The Infrastructure Group B.V. | NL | unknown

DNS requests

Domain | IP | Reputation
h2oapi.adaware.com | 104.18.68.73, 104.18.67.73 | malicious
dns.msftncsi.com | 131.107.255.255 | shared
www.google.com | 172.217.16.196 | malicious
flow.lavasoft.com | 104.17.8.52, 104.17.9.52 | whitelisted
sos.adaware.com | 104.18.68.73, 104.18.67.73 | whitelisted
sdl.adaware.com | 104.18.67.73, 104.18.68.73 | whitelisted
cdn-download.avgbrowser.com | 2.19.126.79, 2.19.126.83 | suspicious
ctldl.windowsupdate.com | 209.197.3.8 | whitelisted
kodi.mirror.liteserver.nl | 185.31.172.243 | unknown

Threats

2 ETPRO signatures available at the full report
Process | Message
Marvels Spider-Man Remastered Free Download (v....exe | Error: File not found - sciterwrapper:console.tis
Marvels Spider-Man Remastered Free Download (v....exe | at sciter:init-script.tis
Marvels Spider-Man Remastered Free Download (v....exe | -
Marvels Spider-Man Remastered Free Download (v....exe | -
Marvels Spider-Man Remastered Free Download (v....exe | file:resources/tis/TranslateOfferTemplate.tis(82) : warning :'async' does not contain any 'await'
Marvels Spider-Man Remastered Free Download (v....exe | at sciter:init-script.tis
Marvels Spider-Man Remastered Free Download (v....exe | Error: File not found - sciterwrapper:console.tis
Marvels Spider-Man Remastered Free Download (v....exe | -
Marvels Spider-Man Remastered Free Download (v....exe | -
Marvels Spider-Man Remastered Free Download (v....exe | file:resources/tis/TranslateOfferTemplate.tis(82) : warning :'async' does not contain any 'await'