File name:

AULA F3261 USB Setup V1.0 20221126(1).exe

Full analysis: https://app.any.run/tasks/5e6ba25e-15e1-4c25-a3ef-91faada4ed78
Verdict: Malicious activity
Analysis date: June 09, 2024, 11:50:39
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

D14BEA6CD9F52DA7D0F240801867D121

SHA1:

5034B998C81D7D3D47F88F2897570189DE76296D

SHA256:

AC3A4B5C991FAB2C95367783F599D0FF60B3501CABF5B3F92C2A8E519B6EFE87

SSDEEP:

98304:G4OncSf4JvT0scilw2xr4Uf57FbbNw05Gw/DyfUMMnPVi7/d6kYYyspkagrZobfm:zekZ

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • AULA F3261 USB Setup V1.0 20221126(1).exe (PID: 4084)
      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • AULA F3261 USB Setup V1.0 20221126(1).exe (PID: 4084)
      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
    • Process drops legitimate windows executable

      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
    • Reads the Windows owner or organization settings

      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
  • INFO

    • Checks supported languages

      • AULA F3261 USB Setup V1.0 20221126(1).exe (PID: 4084)
      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
      • OemDrv.exe (PID: 2032)
      • OemDrv.exe (PID: 1768)
      • wmpnscfg.exe (PID: 676)
      • OemDrv.exe (PID: 1056)
    • Create files in a temporary directory

      • AULA F3261 USB Setup V1.0 20221126(1).exe (PID: 4084)
      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
    • Reads the computer name

      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
      • OemDrv.exe (PID: 2032)
      • OemDrv.exe (PID: 1056)
      • wmpnscfg.exe (PID: 676)
      • OemDrv.exe (PID: 1768)
    • Creates files in the program directory

      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
    • Creates a software uninstall entry

      • AULA F3261 USB Setup V1.0 20221126(1).tmp (PID: 1024)
    • Manual execution by a user

      • OemDrv.exe (PID: 1768)
      • chrome.exe (PID: 616)
      • wmpnscfg.exe (PID: 676)
      • OemDrv.exe (PID: 1056)
    • Application launched itself

      • chrome.exe (PID: 616)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Inno Setup installer (81.5)
.exe | Win32 Executable Delphi generic (10.5)
.exe | Win32 Executable (generic) (3.3)
.exe | Win16/32 Executable Delphi generic (1.5)
.exe | Generic Win/DOS Executable (1.4)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2009:08:15 19:29:32+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 86016
InitializedDataSize: 194048
UninitializedDataSize: -
EntryPoint: 0x163c4
OSVersion: 5
ImageVersion: 6
SubsystemVersion: 5
Subsystem: Windows GUI
FileVersionNumber: 0.0.0.0
ProductVersionNumber: 0.0.0.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: This installation was built with Inno Setup.
CompanyName: AULA
FileDescription:
FileVersion:
LegalCopyright:
ProductName:
ProductVersion:
No data.
All screenshots are available in the full report
Total processes
61
Monitored processes
24
Malicious processes
2
Suspicious processes
0

Behavior graph

start aula f3261 usb setup v1.0 20221126(1).exe aula f3261 usb setup v1.0 20221126(1).tmp oemdrv.exe no specs oemdrv.exe no specs oemdrv.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs wmpnscfg.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs aula f3261 usb setup v1.0 20221126(1).exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
PID: 616
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" "--disable-features=OptimizationGuideModelDownloading,OptimizationHintsFetching,OptimizationTargetPrediction,OptimizationHints"
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: explorer.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
PID: 676
CMD: "C:\Program Files\Windows Media Player\wmpnscfg.exe"
Path: C:\Program Files\Windows Media Player\wmpnscfg.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Media Player Network Sharing Service Configuration Application
Exit code:
0
Version:
12.0.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\program files\windows media player\wmpnscfg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1024
CMD: "C:\Users\admin\AppData\Local\Temp\is-S3E9H.tmp\AULA F3261 USB Setup V1.0 20221126(1).tmp" /SL5="$30138,2688546,281088,C:\Users\admin\AppData\Local\Temp\AULA F3261 USB Setup V1.0 20221126(1).exe"
Path: C:\Users\admin\AppData\Local\Temp\is-S3E9H.tmp\AULA F3261 USB Setup V1.0 20221126(1).tmp
Parent process: AULA F3261 USB Setup V1.0 20221126(1).exe
User:
admin
Integrity Level:
HIGH
Description:
Setup/Uninstall
Exit code:
0
Version:
51.1048.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-s3e9h.tmp\aula f3261 usb setup v1.0 20221126(1).tmp
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
PID: 1056
CMD: "C:\Program Files\AULA F3261\OemDrv.exe"
Path: C:\Program Files\AULA F3261\OemDrv.exe
Parent process: explorer.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
2
Version:
2, 0, 0, 0
Modules
Images
c:\program files\aula f3261\oemdrv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msimg32.dll
PID: 1592
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xd4,0x6e058b38,0x6e058b48,0x6e058b54
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
PID: 1640
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=1132,i,606558843250212821,7260685441523193816,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:2
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
PID: 1768
CMD: "C:\Program Files\AULA F3261\OemDrv.exe"
Path: C:\Program Files\AULA F3261\OemDrv.exe
Parent process: explorer.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
2
Version:
2, 0, 0, 0
Modules
Images
c:\program files\aula f3261\oemdrv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msimg32.dll
PID: 1964
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1320 --field-trial-handle=1132,i,606558843250212821,7260685441523193816,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:2
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
PID: 2032
CMD: "C:\Program Files\AULA F3261\OemDrv.exe"
Path: C:\Program Files\AULA F3261\OemDrv.exe
Parent process: AULA F3261 USB Setup V1.0 20221126(1).tmp
User:
admin
Integrity Level:
HIGH
Exit code:
2
Version:
2, 0, 0, 0
Modules
Images
c:\program files\aula f3261\oemdrv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msimg32.dll
PID: 2284
CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --disable-quic --mojo-platform-channel-handle=1624 --field-trial-handle=1132,i,606558843250212821,7260685441523193816,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Parent process: chrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Version:
109.0.5414.120
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\109.0.5414.120\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
Total events
6 763
Read events
6 680
Write events
82
Delete events
1

Modification events

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: Inno Setup: Setup Version
Value: 5.3.4 (u)

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: Inno Setup: App Path
Value: C:\Program Files\AULA F3261

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: InstallLocation
Value: C:\Program Files\AULA F3261\

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: Inno Setup: Icon Group
Value: AULA F3261

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: Inno Setup: User
Value: admin

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: DisplayName
Value: AULA F3261

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: UninstallString
Value: "C:\Program Files\AULA F3261\unins000.exe"

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: QuietUninstallString
Value: "C:\Program Files\AULA F3261\unins000.exe" /SILENT

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: DisplayVersion
Value: 1.0

Process: (1024) AULA F3261 USB Setup V1.0 20221126(1).tmp
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7BFCFB7D-3EA3-43ED-8F3D-C0DA6C4642BC}_is1
Operation: write
Name: Publisher
Value: AULA
Executable files
14
Suspicious files
193
Text files
241
Unknown types
0

Dropped files

PID
Process
Filename
Type
PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Program Files\AULA F3261\ET\is-FMH5I.tmp
Type: text
MD5: 39401A134D6505AFF3650F2DF2B8E3A6
SHA256: 24045EC3FE62EFF485E20D6969697A88800E63485ABD4A2EB3A79F530C320138

PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Program Files\AULA F3261\unins000.exe
Type: executable
MD5: 41BC809D6856B72BACDE28596A3D9D20
SHA256: 7E4C72A14770C376417B44BF10B0D8D14B15F03AEC7450A5A86E96AEFA9B6DF6

PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Users\admin\AppData\Local\Temp\is-618CR.tmp\_isetup\_shfoldr.dll
Type: executable
MD5: 92DC6EF532FBB4A5C3201469A5B5EB63
SHA256: 9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87

PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Program Files\AULA F3261\ET\is-EJR3I.tmp
Type: text
MD5: DEDFC901BAA86FAA406AFD3D6930BE67
SHA256: EEAA985A79429B2152969EDCAFE595972BFBDF2A8B58EE5EB754965F37407497

PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Program Files\AULA F3261\is-HNSSE.tmp
Type: executable
MD5: 41BC809D6856B72BACDE28596A3D9D20
SHA256: 7E4C72A14770C376417B44BF10B0D8D14B15F03AEC7450A5A86E96AEFA9B6DF6

PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Program Files\AULA F3261\ET\audiobar.txt
Type: text
MD5: DEDFC901BAA86FAA406AFD3D6930BE67
SHA256: EEAA985A79429B2152969EDCAFE595972BFBDF2A8B58EE5EB754965F37407497

PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Program Files\AULA F3261\ET\flower.txt
Type: text
MD5: 39401A134D6505AFF3650F2DF2B8E3A6
SHA256: 24045EC3FE62EFF485E20D6969697A88800E63485ABD4A2EB3A79F530C320138

PID: 4084
Process: AULA F3261 USB Setup V1.0 20221126(1).exe
Filename: C:\Users\admin\AppData\Local\Temp\is-S3E9H.tmp\AULA F3261 USB Setup V1.0 20221126(1).tmp
Type: executable
MD5: 45115519D1F8B09519FEF32A2612B9FC
SHA256: 02EEC62B7139A7CFC747D5F897CCEDCF76EA154EC63EDE231436A0F89E317387

PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Program Files\AULA F3261\ET\is-2QD0Q.tmp
Type: text
MD5: 6E99346CA475295D70746214CF4497B7
SHA256: 5B27D7ABEA0A3FEAC4805F4EC38FDC2460F1D6F504B2E6A84385A65A7D011FBB

PID: 1024
Process: AULA F3261 USB Setup V1.0 20221126(1).tmp
Filename: C:\Program Files\AULA F3261\skins\is-8PVGE.tmp
Type: image
MD5: 7F6993CD644D8EC5D6766613B4BBFB10
SHA256: 7FC2904D8EBF6270D0927A2F087949E31F65EF5D34A2A1FDA9CB4B477E764301
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
13
TCP/UDP connections
44
DNS requests
51
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
884
svchost.exe
HEAD
200
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown
884
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown
884
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown
884
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown
884
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown
884
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown
884
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown
884
svchost.exe
HEAD
200
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adtp63xadzqu6yysjolme33hjxoq_20220505/dhlpobdgcjafebgbbhjdnapejmpkgiie_20220505_all_adfdqqtvlhuhhtrt6irlkpynghca.crx3
unknown
884
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown
884
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkihinmdlkakkaopbjbbcngflc_120.0.6050.0_all_dgzfpknn7v3zslsbhrwu6bt44e.crx3
unknown

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
unknown
4
System
192.168.100.255:138
unknown
1088
svchost.exe
224.0.0.252:5355
unknown
2364
chrome.exe
142.250.184.195:443
clientservices.googleapis.com
GOOGLE
US
unknown
616
chrome.exe
239.255.255.250:1900
unknown
2364
chrome.exe
74.125.133.84:443
accounts.google.com
GOOGLE
US
unknown
2364
chrome.exe
142.250.184.228:443
www.google.com
GOOGLE
US
unknown
2364
chrome.exe
142.250.185.174:443
encrypted-tbn0.gstatic.com
GOOGLE
US
unknown
2364
chrome.exe
216.58.212.129:443
lh5.googleusercontent.com
GOOGLE
US
unknown
2364
chrome.exe
172.217.16.195:443
update.googleapis.com
GOOGLE
US
unknown

DNS requests

Domain
IP
Reputation
clientservices.googleapis.com
  • 142.250.184.195
unknown
accounts.google.com
  • 74.125.133.84
unknown
www.google.com
  • 142.250.184.228
  • 216.58.206.68
unknown
encrypted-tbn0.gstatic.com
  • 142.250.185.174
unknown
lh5.googleusercontent.com
  • 216.58.212.129
unknown
update.googleapis.com
  • 172.217.16.195
unknown
virustotal.com
  • 216.239.36.21
  • 216.239.34.21
  • 216.239.32.21
  • 216.239.38.21
unknown
www.virustotal.com
  • 74.125.34.46
unknown
www.recaptcha.net
  • 142.250.186.67
unknown
www.gstatic.com
  • 216.58.206.35
unknown

Threats

No threats detected
Process
Message
AULA F3261 USB Setup V1.0 20221126(1).tmp
InitSetup: Remove Folder OK.