URL: www.drvhub.net

Full analysis: https://app.any.run/tasks/bcbd56d7-f436-45c8-87be-7e7452ebacd2
Verdict: Malicious activity
Analysis date: February 21, 2025, 08:57:11
OS: Windows 10 Professional (build: 19045, 64 bit)
Tags: evasion, opera, tool
Indicators:
MD5: 099115AEADF7A187023E6A2ECC233B1F
SHA1: 8A33FE5F2E8667AAA377527B0470652BF4130A11
SHA256: 9E0C5A0ADE20D8B45680E0A6A6DAE3BB0C46044A3830F2E7ECC123B41B430BE8
SSDEEP: 3:ERCoR:qCoR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Changes the autorun value in the registry

      • VC_redist.x86.exe (PID: 4308)
      • opera.exe (PID: 7432)
  • SUSPICIOUS

    • Reads security settings of Internet Explorer

      • driver-hub-install__28.exe (PID: 3688)
      • driver-hub-install__28.exe (PID: 5268)
      • vcredist.exe (PID: 4036)
      • VC_redist.x86.exe (PID: 716)
      • setup.exe (PID: 3544)
      • DriverHub.exe (PID: 5300)
      • installer.exe (PID: 7908)
    • Application launched itself

      • driver-hub-install__28.exe (PID: 3688)
      • VC_redist.x86.exe (PID: 3828)
      • VC_redist.x86.exe (PID: 716)
      • setup.exe (PID: 3544)
      • setup.exe (PID: 2456)
      • installer.exe (PID: 7908)
      • assistant_installer.exe (PID: 7820)
      • opera.exe (PID: 7432)
      • installer.exe (PID: 7780)
      • opera_autoupdate.exe (PID: 8496)
      • opera_autoupdate.exe (PID: 9096)
    • Executable content was dropped or overwritten

      • driver-hub-install__28.exe (PID: 5268)
      • vcredist.exe (PID: 1544)
      • vcredist.exe (PID: 4036)
      • VC_redist.x86.exe (PID: 4308)
      • VC_redist.x86.exe (PID: 716)
      • DriverHub.exe (PID: 5300)
      • OperaGXSetup.exe (PID: 1916)
      • VC_redist.x86.exe (PID: 1296)
      • setup.exe (PID: 3544)
      • avast_free_antivirus_setup_online.exe (PID: 4976)
      • setup.exe (PID: 6356)
      • avast_free_antivirus_online_setup.exe (PID: 2928)
      • setup.exe (PID: 7020)
      • setup.exe (PID: 2120)
      • setup.exe (PID: 2456)
      • icarus.exe (PID: 520)
      • icarus.exe (PID: 7224)
      • Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe (PID: 7780)
      • installer.exe (PID: 7908)
      • installer.exe (PID: 7932)
      • installer.exe (PID: 7780)
      • installer.exe (PID: 9040)
      • opera_autoupdate.exe (PID: 9096)
      • installer.exe (PID: 8220)
    • Process drops legitimate windows executable

      • driver-hub-install__28.exe (PID: 5268)
      • vcredist.exe (PID: 1544)
      • vcredist.exe (PID: 4036)
      • VC_redist.x86.exe (PID: 4308)
      • msiexec.exe (PID: 6032)
      • VC_redist.x86.exe (PID: 1296)
      • DriverHub.exe (PID: 5300)
      • icarus.exe (PID: 7224)
    • Searches for installed software

      • driver-hub-install__28.exe (PID: 5268)
      • vcredist.exe (PID: 4036)
      • dllhost.exe (PID: 2152)
      • VC_redist.x86.exe (PID: 1296)
      • VC_redist.x86.exe (PID: 716)
      • installer.exe (PID: 7908)
    • Starts a Microsoft application from unusual location

      • vcredist.exe (PID: 1544)
      • vcredist.exe (PID: 4036)
      • VC_redist.x86.exe (PID: 4308)
    • Creates a software uninstall entry

      • driver-hub-install__28.exe (PID: 5268)
      • VC_redist.x86.exe (PID: 4308)
      • installer.exe (PID: 7908)
    • Executes as Windows Service

      • VSSVC.exe (PID: 1076)
    • Checks Windows Trust Settings

      • msiexec.exe (PID: 6032)
      • setup.exe (PID: 3544)
      • DriverHub.exe (PID: 5300)
    • Starts itself from another location

      • vcredist.exe (PID: 4036)
      • setup.exe (PID: 3544)
      • icarus.exe (PID: 520)
    • The process drops C-runtime libraries

      • msiexec.exe (PID: 6032)
      • DriverHub.exe (PID: 5300)
      • icarus.exe (PID: 7224)
    • Reads the Windows owner or organization settings

      • msiexec.exe (PID: 6032)
    • Checks for external IP

      • svchost.exe (PID: 2192)
      • avast_free_antivirus_setup_online.exe (PID: 4976)
    • Reads the date of Windows installation

      • installer.exe (PID: 7908)
      • opera.exe (PID: 7432)
    • The process executes via Task Scheduler

      • opera_autoupdate.exe (PID: 9096)
    • Drops a system driver (possible attempt to evade defenses)

      • icarus.exe (PID: 7224)
  • INFO

    • Checks supported languages

      • driver-hub-install__28.exe (PID: 3688)
      • driver-hub-install__28.exe (PID: 5268)
      • vcredist.exe (PID: 4036)
      • vcredist.exe (PID: 1544)
      • msiexec.exe (PID: 6032)
      • VC_redist.x86.exe (PID: 4308)
      • VC_redist.x86.exe (PID: 3828)
      • VC_redist.x86.exe (PID: 716)
      • VC_redist.x86.exe (PID: 1296)
      • test_wpf.exe (PID: 3172)
      • OperaGXSetup.exe (PID: 1916)
      • avast_free_antivirus_setup_online.exe (PID: 4976)
      • DriverHub.exe (PID: 5300)
      • setup.exe (PID: 3544)
      • avast_free_antivirus_online_setup.exe (PID: 2928)
      • setup.exe (PID: 2456)
      • setup.exe (PID: 6356)
      • setup.exe (PID: 7020)
      • setup.exe (PID: 2120)
      • icarus.exe (PID: 7224)
      • icarus.exe (PID: 7232)
      • icarus.exe (PID: 520)
      • Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe (PID: 7780)
      • assistant_installer.exe (PID: 7820)
      • assistant_installer.exe (PID: 7840)
      • installer.exe (PID: 7908)
      • opera_crashreporter.exe (PID: 6580)
      • opera.exe (PID: 7520)
      • opera.exe (PID: 1044)
      • opera.exe (PID: 7432)
      • opera.exe (PID: 7012)
      • opera.exe (PID: 4804)
      • opera.exe (PID: 1684)
      • opera.exe (PID: 6392)
      • opera.exe (PID: 1216)
      • opera.exe (PID: 7940)
      • opera.exe (PID: 7188)
      • opera.exe (PID: 8112)
      • opera.exe (PID: 1144)
      • opera.exe (PID: 6624)
      • opera.exe (PID: 5496)
      • opera.exe (PID: 4308)
      • opera_gx_splash.exe (PID: 7596)
      • opera.exe (PID: 880)
      • opera.exe (PID: 2084)
      • opera.exe (PID: 7660)
      • opera.exe (PID: 6616)
      • opera.exe (PID: 8696)
      • opera.exe (PID: 8904)
      • opera.exe (PID: 8916)
      • opera.exe (PID: 8932)
      • opera.exe (PID: 8924)
      • opera.exe (PID: 8976)
      • opera.exe (PID: 8956)
      • opera.exe (PID: 6136)
      • opera.exe (PID: 9140)
      • opera.exe (PID: 9108)
      • opera.exe (PID: 9132)
      • opera.exe (PID: 9000)
      • opera.exe (PID: 8864)
      • opera.exe (PID: 8704)
      • opera.exe (PID: 9152)
      • installer.exe (PID: 9040)
      • opera.exe (PID: 9028)
      • opera.exe (PID: 9124)
      • opera.exe (PID: 8888)
      • installer.exe (PID: 7780)
      • opera.exe (PID: 8516)
      • opera_autoupdate.exe (PID: 9192)
      • opera.exe (PID: 8476)
      • installer.exe (PID: 8220)
      • opera.exe (PID: 8820)
    • Application launched itself

      • chrome.exe (PID: 6452)
    • Reads the machine GUID from the registry

      • driver-hub-install__28.exe (PID: 5268)
      • driver-hub-install__28.exe (PID: 3688)
      • VC_redist.x86.exe (PID: 4308)
      • msiexec.exe (PID: 6032)
      • DriverHub.exe (PID: 5300)
      • test_wpf.exe (PID: 3172)
      • avast_free_antivirus_setup_online.exe (PID: 4976)
      • avast_free_antivirus_online_setup.exe (PID: 2928)
      • setup.exe (PID: 3544)
      • icarus.exe (PID: 520)
      • icarus.exe (PID: 7224)
      • icarus.exe (PID: 7232)
      • opera.exe (PID: 7432)
      • opera_autoupdate.exe (PID: 9192)
    • Process checks computer location settings

      • driver-hub-install__28.exe (PID: 3688)
      • vcredist.exe (PID: 4036)
      • VC_redist.x86.exe (PID: 716)
      • driver-hub-install__28.exe (PID: 5268)
      • DriverHub.exe (PID: 5300)
      • opera.exe (PID: 7432)
      • opera.exe (PID: 7188)
      • opera.exe (PID: 880)
      • opera.exe (PID: 7940)
      • opera.exe (PID: 8112)
      • opera.exe (PID: 6136)
      • opera.exe (PID: 7660)
      • opera.exe (PID: 6616)
      • opera.exe (PID: 8696)
      • opera.exe (PID: 2084)
      • opera.exe (PID: 9108)
    • Disables trace logs

      • driver-hub-install__28.exe (PID: 5268)
      • DriverHub.exe (PID: 5300)
    • Reads the software policy settings

      • driver-hub-install__28.exe (PID: 5268)
      • msiexec.exe (PID: 6032)
      • avast_free_antivirus_setup_online.exe (PID: 4976)
      • avast_free_antivirus_online_setup.exe (PID: 2928)
      • setup.exe (PID: 3544)
      • DriverHub.exe (PID: 5300)
    • Creates files in the program directory

      • driver-hub-install__28.exe (PID: 5268)
      • DriverHub.exe (PID: 5300)
    • Reads the computer name

      • driver-hub-install__28.exe (PID: 5268)
      • driver-hub-install__28.exe (PID: 3688)
      • vcredist.exe (PID: 4036)
      • VC_redist.x86.exe (PID: 4308)
      • msiexec.exe (PID: 6032)
      • VC_redist.x86.exe (PID: 716)
      • VC_redist.x86.exe (PID: 1296)
      • test_wpf.exe (PID: 3172)
      • DriverHub.exe (PID: 5300)
      • avast_free_antivirus_setup_online.exe (PID: 4976)
      • avast_free_antivirus_online_setup.exe (PID: 2928)
      • setup.exe (PID: 3544)
      • setup.exe (PID: 2456)
      • icarus.exe (PID: 7224)
      • icarus.exe (PID: 7232)
      • icarus.exe (PID: 520)
      • assistant_installer.exe (PID: 7820)
      • installer.exe (PID: 7908)
      • opera.exe (PID: 8104)
      • opera.exe (PID: 7432)
      • opera.exe (PID: 7516)
      • opera.exe (PID: 7520)
      • opera_gx_splash.exe (PID: 7596)
      • opera.exe (PID: 5496)
      • opera.exe (PID: 4308)
      • installer.exe (PID: 7780)
    • The sample compiled with russian language support

      • driver-hub-install__28.exe (PID: 5268)
    • Checks proxy server information

      • driver-hub-install__28.exe (PID: 5268)
      • avast_free_antivirus_online_setup.exe (PID: 2928)
      • setup.exe (PID: 3544)
      • DriverHub.exe (PID: 5300)
      • opera.exe (PID: 7432)
    • The sample compiled with english language support

      • driver-hub-install__28.exe (PID: 5268)
      • vcredist.exe (PID: 4036)
      • vcredist.exe (PID: 1544)
      • VC_redist.x86.exe (PID: 4308)
      • msiexec.exe (PID: 6032)
      • VC_redist.x86.exe (PID: 716)
      • DriverHub.exe (PID: 5300)
      • VC_redist.x86.exe (PID: 1296)
      • OperaGXSetup.exe (PID: 1916)
      • setup.exe (PID: 3544)
      • avast_free_antivirus_setup_online.exe (PID: 4976)
      • setup.exe (PID: 7020)
      • avast_free_antivirus_online_setup.exe (PID: 2928)
      • setup.exe (PID: 6356)
      • setup.exe (PID: 2456)
      • icarus.exe (PID: 520)
      • icarus.exe (PID: 7224)
      • Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe (PID: 7780)
      • installer.exe (PID: 7908)
      • opera_autoupdate.exe (PID: 9096)
    • Executable content was dropped or overwritten

      • chrome.exe (PID: 6452)
      • msiexec.exe (PID: 6032)
    • Create files in a temporary directory

      • driver-hub-install__28.exe (PID: 5268)
      • vcredist.exe (PID: 4036)
    • Manages system restore points

      • SrTasks.exe (PID: 3688)
    • Creates a software uninstall entry

      • msiexec.exe (PID: 6032)
    • Creates files or folders in the user directory

      • setup.exe (PID: 3544)
      • DriverHub.exe (PID: 5300)
    • Reads CPU info

      • icarus.exe (PID: 520)
      • icarus.exe (PID: 7232)
      • icarus.exe (PID: 7224)
    • Reads Environment values

      • icarus.exe (PID: 7224)
    • The sample compiled with czech language support

      • icarus.exe (PID: 7224)
    • Manual execution by a user

      • opera.exe (PID: 7432)
    • OPERA mutex has been found

      • opera.exe (PID: 7432)
      • opera_autoupdate.exe (PID: 8496)
      • opera_autoupdate.exe (PID: 9096)
No Malware configuration.
Total processes: 259
Monitored processes: 122
Malicious processes: 18
Suspicious processes: 3

Behavior graph

[Figure: behavior graph of the monitored processes]

Process information

PID | CMD | Path | Indicators | Parent process

PID: 432
CMD: "C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-unfiltered-full=off --with-feature:amazon-new-ids=on --with-feature:capital-one-cashback-protection=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-cms-configuration=on --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-servers=off --with-feature:gx-post-mortem=on --with-feature:gx-reactinator=on --with-feature:gx-spotlight=on --with-feature:gx-video-to-phone=on --with-feature:lucid-mode-hide-text=on --with-feature:new-news-backend=on --with-feature:new-personal-news-backend=on --with-feature:panic-button=on --with-feature:password-generator=off --with-feature:play-again=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:side-profiles=on --with-feature:sitecheck-age=on --with-feature:tiktok-panel=on --with-feature:ui-compositor-multithreaded=on --with-feature:installer-experiment-test=off --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --field-trial-handle=3448,i,7998213512438070534,5334972978483674164,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu --variations-seed-version --mojo-platform-channel-handle=4112 /prefetch:8
Path: C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: LOW
Description: Opera GX Internet Browser
Exit code: 0
Version: 116.0.5366.148
Modules
Images
c:\users\admin\appdata\local\programs\opera gx\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\programs\opera gx\116.0.5366.148\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll
c:\windows\system32\combase.dll

PID: 520
CMD: C:\WINDOWS\Temp\asw-a7a5eb39-a755-4378-bad9-f2688df96c84\common\icarus.exe /icarus-info-path:C:\WINDOWS\Temp\asw-a7a5eb39-a755-4378-bad9-f2688df96c84\icarus-info.xml /install /silent /WS /cookie:mmm_mrk_ppi_004_408_v /edat_dir:C:\WINDOWS\Temp\asw.eb1a133b1431df66 /geo:US /track-guid:cb3befa6-f236-4a24-acb0-3035ac0b3f9e
Path: C:\Windows\Temp\asw-a7a5eb39-a755-4378-bad9-f2688df96c84\common\icarus.exe
Parent process: avast_free_antivirus_online_setup.exe
User: admin
Company: Gen Digital Inc.
Integrity Level: HIGH
Description: Avast Installer
Version: 25.1.8538.0
Modules
Images
c:\windows\temp\asw-a7a5eb39-a755-4378-bad9-f2688df96c84\common\icarus.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\winhttp.dll

PID: 716
CMD: "C:\ProgramData\Package Cache\{410c0ee1-00bb-41b6-9772-e12c2828b02f}\VC_redist.x86.exe" -burn.clean.room="C:\ProgramData\Package Cache\{410c0ee1-00bb-41b6-9772-e12c2828b02f}\VC_redist.x86.exe" -burn.filehandle.attached=532 -burn.filehandle.self=552 -uninstall -quiet -burn.related.upgrade -burn.ancestors={46c3b171-c15c-4137-8e1d-67eeb2985b44} -burn.filehandle.self=1132 -burn.embedded BurnPipe.{21E0DADF-3186-4AAD-9B32-12A1335A759D} {C757215E-A053-427B-A452-5A7CAC377059} 4308
Path: C:\ProgramData\Package Cache\{410c0ee1-00bb-41b6-9772-e12c2828b02f}\VC_redist.x86.exe
Parent process: VC_redist.x86.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532
Exit code: 0
Version: 14.36.32532.0
Modules
Images
c:\programdata\package cache\{410c0ee1-00bb-41b6-9772-e12c2828b02f}\vc_redist.x86.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll

PID: 880
CMD: "C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe" --type=renderer --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0 (Edition std-2)" --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-unfiltered-full=off --with-feature:amazon-new-ids=on --with-feature:capital-one-cashback-protection=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-cms-configuration=on --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-servers=off --with-feature:gx-post-mortem=on --with-feature:gx-reactinator=on --with-feature:gx-spotlight=on --with-feature:gx-video-to-phone=on --with-feature:lucid-mode-hide-text=on --with-feature:new-news-backend=on --with-feature:new-personal-news-backend=on --with-feature:panic-button=on --with-feature:password-generator=off --with-feature:play-again=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:side-profiles=on --with-feature:sitecheck-age=on --with-feature:tiktok-panel=on --with-feature:ui-compositor-multithreaded=on --with-feature:installer-experiment-test=off --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4600,i,7998213512438070534,5334972978483674164,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu --variations-seed-version --mojo-platform-channel-handle=4568 /prefetch:1
Path: C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: LOW
Description: Opera GX Internet Browser
Version: 116.0.5366.148
Modules
Images
c:\users\admin\appdata\local\programs\opera gx\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\programs\opera gx\116.0.5366.148\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll
c:\windows\system32\combase.dll

PID: 1044
CMD: "C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-unfiltered-full=off --with-feature:amazon-new-ids=on --with-feature:capital-one-cashback-protection=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-cms-configuration=on --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-servers=off --with-feature:gx-post-mortem=on --with-feature:gx-reactinator=on --with-feature:gx-spotlight=on --with-feature:gx-video-to-phone=on --with-feature:lucid-mode-hide-text=on --with-feature:new-news-backend=on --with-feature:new-personal-news-backend=on --with-feature:panic-button=on --with-feature:password-generator=off --with-feature:play-again=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:side-profiles=on --with-feature:sitecheck-age=on --with-feature:tiktok-panel=on --with-feature:ui-compositor-multithreaded=on --with-feature:installer-experiment-test=off --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --field-trial-handle=3296,i,7998213512438070534,5334972978483674164,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu --variations-seed-version --mojo-platform-channel-handle=3396 /prefetch:8
Path: C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: LOW
Description: Opera GX Internet Browser
Exit code: 0
Version: 116.0.5366.148
Modules
Images
c:\users\admin\appdata\local\programs\opera gx\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\programs\opera gx\116.0.5366.148\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll
c:\windows\system32\combase.dll

PID: 1076
CMD: C:\WINDOWS\system32\vssvc.exe
Path: C:\Windows\System32\VSSVC.exe
Parent process: services.exe
User: SYSTEM
Company: Microsoft Corporation
Integrity Level: SYSTEM
Description: Microsoft® Volume Shadow Copy Service
Version: 10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\vssvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll

PID: 1144
CMD: "C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe" --type=utility --utility-sub-type=opera.lights.mojom.Logitech --lang=en-US --service-sandbox-type=none --enable-quic --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-unfiltered-full=off --with-feature:amazon-new-ids=on --with-feature:capital-one-cashback-protection=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-cms-configuration=on --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-servers=off --with-feature:gx-post-mortem=on --with-feature:gx-reactinator=on --with-feature:gx-spotlight=on --with-feature:gx-video-to-phone=on --with-feature:lucid-mode-hide-text=on --with-feature:new-news-backend=on --with-feature:new-personal-news-backend=on --with-feature:panic-button=on --with-feature:password-generator=off --with-feature:play-again=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:side-profiles=on --with-feature:sitecheck-age=on --with-feature:tiktok-panel=on --with-feature:ui-compositor-multithreaded=on --with-feature:installer-experiment-test=off --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --field-trial-handle=5676,i,7998213512438070534,5334972978483674164,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu --variations-seed-version --mojo-platform-channel-handle=5708 /prefetch:8
Path: C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: MEDIUM
Description: Opera GX Internet Browser
Exit code: 0
Version: 116.0.5366.148
Modules
Images
c:\users\admin\appdata\local\programs\opera gx\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\programs\opera gx\116.0.5366.148\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll

PID: 1192
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --disable-quic --no-appcompat-clear --mojo-platform-channel-handle=6580 --field-trial-handle=1904,i,2386434396853664119,12992008194836835536,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version /prefetch:8
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User: admin
Company: Google LLC
Integrity Level: LOW
Description: Google Chrome
Exit code: 0
Version: 122.0.6261.70
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\aclayers.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll

PID: 1192
CMD: "C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe" --type=renderer --extension-process --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0 (Edition std-2)" --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-unfiltered-full=off --with-feature:amazon-new-ids=on --with-feature:capital-one-cashback-protection=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-cms-configuration=on --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-servers=off --with-feature:gx-post-mortem=on --with-feature:gx-reactinator=on --with-feature:gx-spotlight=on --with-feature:gx-video-to-phone=on --with-feature:lucid-mode-hide-text=on --with-feature:new-news-backend=on --with-feature:new-personal-news-backend=on --with-feature:panic-button=on --with-feature:password-generator=off --with-feature:play-again=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:side-profiles=on --with-feature:sitecheck-age=on --with-feature:tiktok-panel=on --with-feature:ui-compositor-multithreaded=on --with-feature:installer-experiment-test=off --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6644,i,7998213512438070534,5334972978483674164,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu --variations-seed-version --mojo-platform-channel-handle=7488 /prefetch:2
Path: C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: LOW
Description: Opera GX Internet Browser
Version: 116.0.5366.148
Modules
Images
c:\users\admin\appdata\local\programs\opera gx\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\programs\opera gx\116.0.5366.148\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll
c:\windows\system32\combase.dll
1216
"C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe" --type=renderer --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0 (Edition std-2)" --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=off --with-feature:address-bar-dropdown-unfiltered-full=off --with-feature:amazon-new-ids=on --with-feature:capital-one-cashback-protection=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:continue-shopping-cms-configuration=on --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:game-servers=off --with-feature:gx-post-mortem=on --with-feature:gx-reactinator=on --with-feature:gx-spotlight=on --with-feature:gx-video-to-phone=on --with-feature:lucid-mode-hide-text=on --with-feature:new-news-backend=on --with-feature:new-personal-news-backend=on --with-feature:panic-button=on --with-feature:password-generator=off --with-feature:play-again=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=on --with-feature:sd-suggestions-external=on --with-feature:session-restore-attribution=on --with-feature:side-profiles=on --with-feature:sitecheck-age=on --with-feature:tiktok-panel=on --with-feature:ui-compositor-multithreaded=on --with-feature:installer-experiment-test=off --ab_tests=GXCTest50-test:DNA-99214_GXCTest50 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3872,i,7998213512438070534,5334972978483674164,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu --variations-seed-version --mojo-platform-channel-handle=4228 /prefetch:1
C:\Users\admin\AppData\Local\Programs\Opera GX\opera.exe
opera.exe
User:
admin
Company:
Opera Software
Integrity Level:
LOW
Description:
Opera GX Internet Browser
Exit code:
0
Version:
116.0.5366.148
Modules
Images
c:\users\admin\appdata\local\programs\opera gx\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\programs\opera gx\116.0.5366.148\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll
c:\windows\system32\combase.dll
Total events
56 165
Read events
55 027
Write events
835
Delete events
303

Modification events

(PID) Process: (6452) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write
Name: failed_count
Value:
0
(PID) Process: (6452) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write
Name: state
Value:
2
(PID) Process: (6452) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\BLBeacon
Operation: write
Name: state
Value:
1
(PID) Process: (6452) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\StabilityMetrics
Operation: write
Name: user_experience_metrics.stability.exited_cleanly
Value:
0
(PID) Process: (6452) chrome.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
Operation: write
Name: usagestats
Value:
0
(PID) Process: (6452) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Spelling\Dictionaries
Operation: delete value
Name: en-US
Value:
(PID) Process: (6452) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Spelling\Dictionaries
Operation: delete value
Name: en
Value:
(PID) Process: (6452) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Spelling\Dictionaries
Operation: delete value
Name: _Global_
Value:
(PID) Process: (6932) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
Operation: write
Name: {2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF
Value:
0100000000000000C6F02BCE3E84DB01
(PID) Process: (6452) chrome.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Google\Common\Rlz\Events\C
Operation: write
Name: C1I
Value:
1
Executable files
526
Suspicious files
1 776
Text files
969
Unknown types
0

Dropped files

PID
Process
Filename
Type
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\discounts_db\LOG.old~RF1367a6.TMP
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\parcel_tracking_db\LOG.old~RF1367a6.TMP
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\discounts_db\LOG.old
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\parcel_tracking_db\LOG.old
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\chrome_cart_db\LOG.old~RF1367a6.TMP
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\chrome_cart_db\LOG.old
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old~RF1367a6.TMP
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\commerce_subscription_db\LOG.old
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\coupon_db\LOG.old~RF1367c6.TMP
MD5:
SHA256:
6452
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\coupon_db\LOG.old
MD5:
SHA256:
HTTP(S) requests
40
TCP/UDP connections
244
DNS requests
246
Threats
16

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
4712
MoUsoCoreWorker.exe
GET
200
95.101.54.128:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
716
svchost.exe
GET
200
95.101.54.128:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
716
svchost.exe
GET
200
23.219.150.101:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
4712
MoUsoCoreWorker.exe
GET
200
23.219.150.101:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
GET
200
2.23.77.188:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
GET
200
23.219.150.101:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
5096
SIHClient.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
5096
SIHClient.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
1176
svchost.exe
GET
200
2.23.77.188:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
6356
backgroundTaskHost.exe
GET
200
2.17.190.73:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4712
MoUsoCoreWorker.exe
95.101.54.128:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
716
svchost.exe
95.101.54.128:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
4712
MoUsoCoreWorker.exe
23.219.150.101:80
www.microsoft.com
AKAMAI-AS
CL
whitelisted
716
svchost.exe
23.219.150.101:80
www.microsoft.com
AKAMAI-AS
CL
whitelisted
5064
SearchApp.exe
184.86.251.22:443
www.bing.com
Akamai International B.V.
DE
whitelisted
23.219.150.101:80
www.microsoft.com
AKAMAI-AS
CL
whitelisted
2.23.77.188:80
ocsp.digicert.com
AKAMAI-AS
DE
whitelisted
4
System
192.168.100.255:138
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 4.231.128.59
  • 40.127.240.158
whitelisted
crl.microsoft.com
  • 95.101.54.128
  • 95.101.54.122
  • 2.16.164.128
  • 2.16.164.35
  • 2.16.164.75
  • 2.16.164.107
  • 2.16.164.96
  • 2.16.164.40
  • 2.16.164.17
whitelisted
www.microsoft.com
  • 23.219.150.101
  • 184.30.21.171
whitelisted
www.bing.com
  • 184.86.251.22
  • 184.86.251.30
  • 184.86.251.27
  • 184.86.251.5
  • 184.86.251.25
  • 184.86.251.26
  • 184.86.251.4
  • 184.86.251.24
  • 184.86.251.28
whitelisted
google.com
  • 172.217.18.14
whitelisted
ocsp.digicert.com
  • 2.23.77.188
  • 2.17.190.73
whitelisted
go.microsoft.com
  • 2.18.97.227
  • 23.35.238.131
whitelisted
www.drvhub.net
  • 188.130.153.33
  • 188.130.153.32
whitelisted
accounts.google.com
  • 108.177.15.84
whitelisted
cdn.jsdelivr.net
  • 104.18.187.31
  • 104.18.186.31
whitelisted

Threats

PID
Process
Class
Message
6748
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
6748
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
6748
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
6748
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
6748
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
6748
chrome.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
2192
svchost.exe
Misc activity
ET INFO External IP Lookup Service in DNS Query (ip-info .ff .avast .com)
4976
avast_free_antivirus_setup_online.exe
Misc activity
ET INFO Observed External IP Lookup Domain (ip-info .ff .avast .com) in TLS SNI
7516
opera.exe
Generic Protocol Command Decode
SURICATA QUIC failed decrypt
7516
opera.exe
Generic Protocol Command Decode
SURICATA QUIC failed decrypt
Process
Message
DriverHub.exe
qrc:/main.qml:655:13: QML Connections: Implicitly defined onFoo properties in Connections are deprecated. Use this syntax instead: function onFoo(<arguments>) { ... }
DriverHub.exe
qrc:/UpdateProgressDialog.qml:11:5: QML Connections: Implicitly defined onFoo properties in Connections are deprecated. Use this syntax instead: function onFoo(<arguments>) { ... }
DriverHub.exe
qrc:/main.qml:453:31: QML ItemDelegate: Binding loop detected for property "height"
DriverHub.exe
file:///C:/Program Files (x86)/DriverHub/QtQuick/Dialogs/DefaultFileDialog.qml:102:33: QML Settings: The following application identifiers have not been set: QVector("organizationName", "organizationDomain")
DriverHub.exe
file:///C:/Program Files (x86)/DriverHub/QtQuick/Dialogs/DefaultFileDialog.qml:102:33: QML Settings: Failed to initialize QSettings instance. Status code is: 1
DriverHub.exe
qrc:/SettingsPage.qml:47:9: QML MyCheckBox: Binding loop detected for property "width"
DriverHub.exe
qrc:/SettingsPage.qml:47:9: QML MyCheckBox: Binding loop detected for property "width"
DriverHub.exe
qrc:/SettingsPage.qml:47:9: QML MyCheckBox: Binding loop detected for property "width"
DriverHub.exe
qrc:/SettingsPage.qml:29:9: QML MyCheckBox: Binding loop detected for property "width"
DriverHub.exe
qrc:/SettingsPage.qml:29:9: QML MyCheckBox: Binding loop detected for property "width"