File name: driver-hub-install__31.exe

Full analysis: https://app.any.run/tasks/945788bd-5028-4aec-a361-8df18ef1dbcb
Verdict: Malicious activity
Analysis date: February 15, 2024, 09:38:53
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: 49F38034852A31F5BC6959F8E1EE7C82
SHA1: 4DBA9E745D0AE24F1B5DB6D08B329003686F6AFA
SHA256: B247BE78BBD13776AE8C05106CCF2136911186ECF8BAD1A4BE2DE93E365429F2
SSDEEP: 98304:K4ttWaRF/xPRem/weyUxWuABC6lisdlxVanqhk8vO39bwWcyDDH/yMccKocWv8lF:DhWKU

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided as is for the user's acknowledgement. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • driver-hub-install__31.exe (PID: 3864)
      • driver-hub-install__31.exe (PID: 3428)
      • OperaDownloader.exe (PID: 1900)
      • DriverHub.exe (PID: 1976)
      • 360TotalSecurityDownloader.exe (PID: 3108)
  • SUSPICIOUS

    • Reads the Internet Settings

      • driver-hub-install__31.exe (PID: 3428)
      • driver-hub-install__31.exe (PID: 3864)
      • DriverHub.exe (PID: 1976)
      • 360TotalSecurityDownloader.exe (PID: 3108)
    • Reads security settings of Internet Explorer

      • driver-hub-install__31.exe (PID: 3864)
      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
      • 360TotalSecurityDownloader.exe (PID: 3108)
    • Application launched itself

      • driver-hub-install__31.exe (PID: 3864)
    • Reads Microsoft Outlook installation path

      • driver-hub-install__31.exe (PID: 3864)
      • driver-hub-install__31.exe (PID: 3428)
    • Reads Internet Explorer settings

      • driver-hub-install__31.exe (PID: 3864)
      • driver-hub-install__31.exe (PID: 3428)
    • Reads settings of System Certificates

      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
    • Adds/modifies Windows certificates

      • driver-hub-install__31.exe (PID: 3428)
    • Creates a software uninstall entry

      • driver-hub-install__31.exe (PID: 3428)
    • Process drops legitimate windows executable

      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
    • Executable content was dropped or overwritten

      • driver-hub-install__31.exe (PID: 3428)
      • OperaDownloader.exe (PID: 1900)
      • DriverHub.exe (PID: 1976)
      • 360TotalSecurityDownloader.exe (PID: 3108)
    • Checks Windows Trust Settings

      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
    • The process drops C-runtime libraries

      • DriverHub.exe (PID: 1976)
    • Detected use of alternative data streams (AltDS)

      • DriverHub.exe (PID: 1976)
    • Process requests binary or script from the Internet

      • 360TotalSecurityDownloader.exe (PID: 3108)
  • INFO

    • Checks supported languages

      • driver-hub-install__31.exe (PID: 3864)
      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
      • OperaDownloader.exe (PID: 1900)
      • 360TotalSecurityDownloader.exe (PID: 3108)
      • test_wpf.exe (PID: 2156)
    • Checks proxy server information

      • driver-hub-install__31.exe (PID: 3864)
      • driver-hub-install__31.exe (PID: 3428)
      • 360TotalSecurityDownloader.exe (PID: 3108)
    • Reads the computer name

      • driver-hub-install__31.exe (PID: 3864)
      • driver-hub-install__31.exe (PID: 3428)
      • test_wpf.exe (PID: 2156)
      • DriverHub.exe (PID: 1976)
      • 360TotalSecurityDownloader.exe (PID: 3108)
    • Process checks whether UAC notifications are on

      • driver-hub-install__31.exe (PID: 3428)
    • Reads the machine GUID from the registry

      • driver-hub-install__31.exe (PID: 3864)
      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
      • test_wpf.exe (PID: 2156)
      • 360TotalSecurityDownloader.exe (PID: 3108)
    • Creates files in the program directory

      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
    • Creates files in a temporary directory

      • driver-hub-install__31.exe (PID: 3428)
      • OperaDownloader.exe (PID: 1900)
      • 360TotalSecurityDownloader.exe (PID: 3108)
    • Creates files or folders in the user directory

      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
      • 360TotalSecurityDownloader.exe (PID: 3108)
    • Reads the software policy settings

      • driver-hub-install__31.exe (PID: 3428)
      • DriverHub.exe (PID: 1976)
    • Application launched itself

      • msedge.exe (PID: 2488)
      • msedge.exe (PID: 3800)
    • Reads Environment values

      • DriverHub.exe (PID: 1976)
    • Process checks computer location settings

      • DriverHub.exe (PID: 1976)
    • Manual execution by a user

      • msedge.exe (PID: 3800)
Find more information about signature artifacts and mapping to the MITRE ATT&CK™ MATRIX in the full report
No Malware configuration.

TRiD

.exe | Win32 Executable (generic) (3.6)
.exe | Generic Win/DOS Executable (1.6)
.exe | DOS Executable Generic (1.5)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2024:02:06 15:44:56+00:00
ImageFileCharacteristics: Executable, 32-bit
PEType: PE32
LinkerVersion: 14.29
CodeSize: 4751872
InitializedDataSize: 7326208
UninitializedDataSize: -
EntryPoint: 0x4008b2
OSVersion: 6
ImageVersion: -
SubsystemVersion: 6
Subsystem: Windows GUI
FileVersionNumber: 3.4.2.0
ProductVersionNumber: 3.4.2.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Windows NT 32-bit
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Unicode
CompanyName: ROSTPAY LTD.
FileDescription: Install DriverHub
InternalName: DriverHubInstaller
LegalCopyright: © ROSTPAY LTD. All rights reserved.
OriginalFileName: DriverHubInstaller.exe
ProductName: DriverHub
FileVersion: 3.4.2
ProductVersion: 3.4.2
No data.
All screenshots are available in the full report
Total processes: 63
Monitored processes: 22
Malicious processes: 4
Suspicious processes: 1

Behavior graph

Process nodes in the graph (22 monitored processes):
  • driver-hub-install__31.exe (2 instances)
  • driverhub.exe
  • test_wpf.exe
  • operadownloader.exe
  • 360totalsecuritydownloader.exe
  • msedge.exe (16 instances)

Process information

PID
CMD
Path
Indicators
Parent process
PID: 392
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3152 --field-trial-handle=1280,i,7337718603296323564,18183886746014556870,131072 /prefetch:8
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 664
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=1280,i,7337718603296323564,18183886746014556870,131072 /prefetch:2
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 712
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1380 --field-trial-handle=1432,i,5707844702128300774,9166302487861089650,131072 /prefetch:3
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1336
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=109.0.5414.149 "--annotation=exe=C:\Program Files\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win32 "--annotation=prod=Microsoft Edge" --annotation=ver=109.0.1518.115 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xe0,0x6983f598,0x6983f5a8,0x6983f5b4
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 1900
CMD: "C:\Users\admin\AppData\Local\Temp\DriverHub\OperaDownloader.exe" --silent --allusers=0 --setdefaultbrowser=0 --pin-additional-shortcuts=0
Path: C:\Users\admin\AppData\Local\Temp\DriverHub\OperaDownloader.exe
Parent process: driver-hub-install__31.exe
User: admin
Company: Opera Software
Integrity Level: HIGH
Description: Opera Installer
Exit code: 0
Version: 107.0.5045.21
Modules
Images
c:\users\admin\appdata\local\temp\driverhub\operadownloader.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
PID: 1976
CMD: "C:\Program Files\DriverHub\DriverHub.exe"
Path: C:\Program Files\DriverHub\DriverHub.exe
Parent process: driver-hub-install__31.exe
User: admin
Company: ROSTPAY LTD
Integrity Level: HIGH
Description: DriverHub
Exit code: 0
Version: 1.3.10.2240
Modules
Images
c:\program files\driverhub\driverhub.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\driverhub\libcurl.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\nsi.dll
c:\windows\system32\wldap32.dll
PID: 2068
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1660 --field-trial-handle=1280,i,7337718603296323564,18183886746014556870,131072 /prefetch:8
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: LOW
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 2156
CMD: C:\ProgramData\BrightData\0958021a4a573e283a9a7d03525578a2225ac6fd\test_wpf.exe
Path: C:\ProgramData\BrightData\0958021a4a573e283a9a7d03525578a2225ac6fd\test_wpf.exe
Parent process: DriverHub.exe
User: admin
Company: BrightData Ltd. (certified)
Integrity Level: HIGH
Description: test_wpf
Exit code: 0
Version: 1.429.308
Modules
Images
c:\programdata\brightdata\0958021a4a573e283a9a7d03525578a2225ac6fd\test_wpf.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
PID: 2324
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=109.0.5414.149 "--annotation=exe=C:\Program Files\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win32 "--annotation=prod=Microsoft Edge" --annotation=ver=109.0.1518.115 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xf0,0x6983f598,0x6983f5a8,0x6983f5b4
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID: 2488
CMD: "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --single-argument https://multipassword.com/extension-thankyou/edge
Path: C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process: driver-hub-install__31.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft Edge
Exit code: 0
Version: 109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
Total events: 46 639
Read events: 46 436
Write events: 172
Delete events: 31

Modification events

(PID) Process: (3864) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: ProxyBypass
Value: 1

(PID) Process: (3864) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: IntranetName
Value: 1

(PID) Process: (3864) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: UNCAsIntranet
Value: 1

(PID) Process: (3864) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: AutoDetect
Value: 0

(PID) Process: (3864) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
Operation: write
Name: CachePrefix
Value:

(PID) Process: (3864) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies
Operation: write
Name: CachePrefix
Value: Cookie:

(PID) Process: (3864) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History
Operation: write
Name: CachePrefix
Value: Visited:

(PID) Process: (3428) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: ProxyBypass
Value: 1

(PID) Process: (3428) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: IntranetName
Value: 1

(PID) Process: (3428) driver-hub-install__31.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: UNCAsIntranet
Value: 1
Executable files: 70
Suspicious files: 125
Text files: 585
Unknown types: 79

Dropped files

PID | Process | Filename | Type
3428 | driver-hub-install__31.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 | compressed
MD5:AC05D27423A85ADC1622C714F2CB6184
SHA256:C6456E12E5E53287A547AF4103E0397CB9697E466CF75844312DC296D43D144D
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\Images\DriverHubLogo.png | image
MD5:451B153070269850DA133D4E493A1BD6
SHA256:91D221FE4045038100274A1A32F8155C0195517C51A712B1F742A4F5BBB45E4B
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\libEGL.dll | executable
MD5:E0E4011346A86083A0EC8EB01136D0BA
SHA256:411966CE4F8FEBB2FE3AB84B97ED9FB9062AB60C6211FC3B3E4A25A5EE607ECB
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\DriverHub.exe | binary
MD5:7FCD419C2737291CB0062F8D0E36631C
SHA256:295B73B74A8D6187489F1A02C703334875244CD4FFB11229F9CBA9EA28C2E68F
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\libcurl.dll | executable
MD5:E5064ADFBC48E3FB81F09E7B8E78D49D
SHA256:4BFCAEE356CF1B99D3DBC03D42018FCFC29271C6A72B373343D24C45A7569489
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\imageformats\qgif.dll | executable
MD5:A7D24E2226FF09208E22FC6F70BF0DE7
SHA256:6356257682FB64D28AD68DEBEA96E1A0104C273E8838953459A110933F0A84BE
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\platforms\qwindows.dll | executable
MD5:1E6793D71EB9DEB7AD943AABBBB17240
SHA256:6B9E0CC5F72B8FDDD16AE0EF7A14E64BC0EAFCDB4D5F74B2C12194241D66407D
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\libssl-1_1.dll | executable
MD5:4A1BD71115017098E6B75570A61B6DC3
SHA256:244AE1F0EF1AD908B54068EB13611FBA58C8F78BA2F126ACDE7379A0C823123F
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\libcrypto-1_1.dll | executable
MD5:D588D5B4162D2C66071A171A903AC8A1
SHA256:F1B06DB34B6BC09738FA66AC2103F7F47BA58F9BB6D1A518112F42846B6DC8EA
3428 | driver-hub-install__31.exe | C:\Program Files\DriverHub\DriverHubUninstaller.exe | executable
MD5:1DA7E5FFC7C7705F95472956575BD303
SHA256:176B981AA8842C1AC0AB3FA2A29DDE91B3826C7AE39007FE6B56B7B9203CEC51
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests: 24
TCP/UDP connections: 79
DNS requests: 36
Threats: 5

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3428
driver-hub-install__31.exe
GET
200
95.101.63.96:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?6cba3083cea0e54e
unknown
compressed
65.2 Kb
unknown
3428
driver-hub-install__31.exe
GET
304
95.101.63.96:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?f65240b9edb4d34c
unknown
compressed
65.2 Kb
unknown
3108
360TotalSecurityDownloader.exe
GET
200
52.29.179.141:80
http://s.360safe.com/360ts/mini_inst.htm?ver=6.6.0.1054&pid=WW.AZ.CPI202204&os=6.1&mid=b8c075ec50c0ffb37ec9c97cc27794fb&state=153
unknown
unknown
3428
driver-hub-install__31.exe
GET
200
2.17.113.66:80
http://r3.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRI2smg%2ByvTLU%2Fw3mjS9We3NfmzxAQUFC6zF7dYVsuuUAlA5h%2BvnYsUwsYCEgSBMIUl3dUhDJLPdisKEY1cpA%3D%3D
unknown
binary
503 b
unknown
3428
driver-hub-install__31.exe
GET
200
2.18.97.144:80
http://x1.c.lencr.org/
unknown
binary
717 b
unknown
3108
360TotalSecurityDownloader.exe
GET
200
52.29.179.141:80
http://s.360safe.com/safei18n/query_env.htm?v611=DgY0MAEIHPqfNwABAACWksmpOSIPyc2i9ezzC%2B0Ad72OnUMrK6UvQMsQvYQgofPMq6pLTdOV8MutFmUoHJK3U8x5euGBaL9fEmunnDNyP%2BbVBwkiDOEoVCY2xHMxp60rgIO8dWtA8RmR4bLZubLTR%2BgS4B1BeybQTs5wZMnIakpSr9N2reWoafxla98zyQ8hbC%2ByL%2FRp5Fg%2FzgBnDOosAYiHJbuYYS3eeiMzC%2BliJ%2Fbc%2FXLIMM54Ip%2FkICmKXo%2B8P31vEjywruJcm%2BOHD9VGtUjTJMgyUF2IokeSjFMzbrfQY%2BOIzjR4qMetfNbIdU4FY8oMcPe6AEMlYe%2BO%2FGUwR%2BkJ%2FwOVviS%2BYB7IP2wr
unknown
unknown
3108
360TotalSecurityDownloader.exe
GET
200
52.29.179.141:80
http://s.360safe.com/safei18n/dimana.htm?lr=1&mid=b8c075ec50c0ffb37ec9c97cc27794fb&mod=360Installer.exe&ph=02a8342074eb25c8adb2d135e2bab7e5&p2p=1&t_id=360TS_Setup_For_Mini.cab&tads=655&tdl=655&tds=655&terr=0&tes=Status|1,ErrorCode|0,DnCount|6,HttpNum|1,DnFailCount|6,FStatus|1,P2SS|655,P2PS|0,PDMode|2&tfl=655&tp=t&tst=1&ttdl=655&ttm=1000&ttup=120&vh=1.3.0.1361&vp=1.3.0.1320&softname=360TS
unknown
unknown
3108
360TotalSecurityDownloader.exe
GET
104.192.108.17:80
http://int.down.360safe.com/totalsecurity/360TS_Setup_11.0.0.1077.exe
unknown
unknown
3108
360TotalSecurityDownloader.exe
GET
104.192.108.21:80
http://int.down.360safe.com/totalsecurity/360TS_Setup_11.0.0.1077.exe
unknown
unknown
3108
360TotalSecurityDownloader.exe
GET
104.192.108.20:80
http://int.down.360safe.com/totalsecurity/360TS_Setup_11.0.0.1077.exe
unknown
unknown

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
4
System
192.168.100.255:137
whitelisted
1080
svchost.exe
224.0.0.252:5355
unknown
3428
driver-hub-install__31.exe
188.130.153.33:443
api.az-partners.net
Rostpay Ltd
RU
unknown
3428
driver-hub-install__31.exe
95.101.63.96:80
ctldl.windowsupdate.com
Akamai International B.V.
GB
unknown
3428
driver-hub-install__31.exe
188.130.153.32:443
api.az-partners.net
Rostpay Ltd
RU
unknown
3428
driver-hub-install__31.exe
2.18.97.144:80
x1.c.lencr.org
Akamai International B.V.
FR
unknown
3428
driver-hub-install__31.exe
2.17.113.66:80
r3.o.lencr.org
Akamai International B.V.
GB
unknown
3428
driver-hub-install__31.exe
185.26.182.111:443
net.geo.opera.com
Opera Software AS
whitelisted
1976
DriverHub.exe
192.81.214.145:443
perr.lum-sdk.io
DIGITALOCEAN-ASN
US
unknown

DNS requests

Domain
IP
Reputation
api.az-partners.net
  • 188.130.153.33
  • 188.130.153.32
unknown
ctldl.windowsupdate.com
  • 95.101.63.96
  • 95.101.63.72
whitelisted
www.drvhub.net
  • 188.130.153.32
  • 188.130.153.33
unknown
www.az-partners.net
  • 188.130.153.32
  • 188.130.153.33
malicious
x1.c.lencr.org
  • 2.18.97.144
whitelisted
r3.o.lencr.org
  • 2.17.113.66
  • 2.17.113.10
  • 95.101.54.145
  • 95.101.54.208
  • 95.101.54.137
  • 95.101.54.128
  • 95.101.54.121
  • 95.101.54.201
  • 95.101.54.107
shared
net.geo.opera.com
  • 185.26.182.111
  • 185.26.182.112
whitelisted
perr.lum-sdk.io
  • 192.81.214.145
  • 206.189.231.23
  • 159.223.133.120
  • 161.35.48.195
unknown
free.360totalsecurity.com
  • 151.236.118.173
whitelisted
multipassword.com
  • 188.130.153.41
  • 188.130.153.40
unknown

Threats

PID
Process
Class
Message
3108
360TotalSecurityDownloader.exe
Generic Protocol Command Decode
ET INFO Session Traversal Utilities for NAT (STUN Binding Request obsolete rfc 3489 CHANGE-REQUEST attribute change IP flag false change port flag false)
3108
360TotalSecurityDownloader.exe
Generic Protocol Command Decode
ET INFO Session Traversal Utilities for NAT (STUN Binding Request obsolete rfc 3489 CHANGE-REQUEST attribute change IP flag true change port flag false)
3108
360TotalSecurityDownloader.exe
Generic Protocol Command Decode
ET INFO Session Traversal Utilities for NAT (STUN Binding Request obsolete rfc 3489 CHANGE-REQUEST attribute change IP flag false change port flag true)
2516
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] A free CDN for open source projects (jsdelivr .net)
3108
360TotalSecurityDownloader.exe
Potential Corporate Privacy Violation
ET POLICY PE EXE or DLL Windows file download HTTP
Process
Message
DriverHub.exe
qrc:/UpdateProgressDialog.qml:11:5: QML Connections: Implicitly defined onFoo properties in Connections are deprecated. Use this syntax instead: function onFoo(<arguments>) { ... }
DriverHub.exe
qrc:/main.qml:655:13: QML Connections: Implicitly defined onFoo properties in Connections are deprecated. Use this syntax instead: function onFoo(<arguments>) { ... }
DriverHub.exe
qrc:/main.qml:453:31: QML ItemDelegate: Binding loop detected for property "height"
DriverHub.exe
file:///C:/Program Files/DriverHub/QtQuick/Dialogs/DefaultFileDialog.qml:102:33: QML Settings: Failed to initialize QSettings instance. Status code is: 1
DriverHub.exe
file:///C:/Program Files/DriverHub/QtQuick/Dialogs/DefaultFileDialog.qml:102:33: QML Settings: The following application identifiers have not been set: QVector("organizationName", "organizationDomain")
DriverHub.exe
qrc:/SettingsPage.qml:47:9: QML MyCheckBox: Binding loop detected for property "width"
DriverHub.exe
qrc:/SettingsPage.qml:47:9: QML MyCheckBox: Binding loop detected for property "width"
DriverHub.exe
qrc:/SettingsPage.qml:47:9: QML MyCheckBox: Binding loop detected for property "width"
DriverHub.exe
qrc:/SettingsPage.qml:29:9: QML MyCheckBox: Binding loop detected for property "width"
DriverHub.exe
qrc:/SettingsPage.qml:29:9: QML MyCheckBox: Binding loop detected for property "width"