File name: key.js

Full analysis: https://app.any.run/tasks/d724493c-551a-4b45-862b-33e3ecf57f8d
Verdict: Malicious activity
Threats:

A loader is malicious software that infiltrates devices to deliver malicious payloads. This malware is capable of infecting victims’ computers, analyzing their system information, and installing other types of threats, such as trojans or stealers. Criminals usually deliver loaders through phishing emails and links by relying on social engineering to trick users into downloading and running their executables. Loaders employ advanced evasion and persistence tactics to avoid detection.

Analysis date: March 22, 2024, 12:48:17
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags: loader
Indicators:
MIME: text/plain
File info: ASCII text, with very long lines (1153), with CRLF, CR, LF line terminators
MD5: 3D797697724542DE38D7AFF217F815C3
SHA1: 1212693A8F2C31255F0F9D993B89D430F56FA2A4
SHA256: B3D506E2EF7C628E97B450A26CDAA1CE50516A7347272AD54419EAEA5E394527
SSDEEP: 6144:Bt0VwBj2JgXQllpi0xHcqI4y6Wa3cdc8HOcMYeictxCcMPtH:8VwBO8QfptHcqHJ7vMcMV

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Unusual connection from system programs

      • wscript.exe (PID: 6288)
    • Drops the executable file immediately after the start

      • msiexec.exe (PID: 3052)
  • SUSPICIOUS

    • Reads security settings of Internet Explorer

      • TextInputHost.exe (PID: 1696)
    • Reads the Windows owner or organization settings

      • msiexec.exe (PID: 3052)
    • Process drops legitimate windows executable

      • msiexec.exe (PID: 3052)
    • Executes as Windows Service

      • SecurityHealthService.exe (PID: 3992)
      • uhssvc.exe (PID: 1064)
    • Non-standard symbols in registry

      • msiexec.exe (PID: 3052)
  • INFO

    • Checks proxy server information

      • wscript.exe (PID: 6288)
    • Reads the computer name

      • TextInputHost.exe (PID: 1696)
      • msiexec.exe (PID: 3052)
      • uhssvc.exe (PID: 1064)
    • Checks supported languages

      • msiexec.exe (PID: 3052)
      • TextInputHost.exe (PID: 1696)
      • uhssvc.exe (PID: 1064)
    • Manual execution by a user

      • regedit.exe (PID: 6724)
      • wscript.exe (PID: 6180)
    • Executable content was dropped or overwritten

      • msiexec.exe (PID: 3052)
    • Reads Environment values

      • msiexec.exe (PID: 3052)
      • uhssvc.exe (PID: 1064)
    • Creates a software uninstall entry

      • msiexec.exe (PID: 3052)
    • Creates files in the program directory

      • uhssvc.exe (PID: 1064)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
All screenshots are available in the full report
Total processes: 237
Monitored processes: 14
Malicious processes: 2
Suspicious processes: 0

Behavior graph

Processes shown in the graph, in order (entries marked "no specs" have no detailed process card in the report): start, wscript.exe, textinputhost.exe (no specs), regedit.exe, msiexec.exe, schtasks.exe (no specs), conhost.exe (no specs), schtasks.exe (no specs), conhost.exe (no specs), schtasks.exe (no specs), conhost.exe (no specs), uhssvc.exe (no specs), rundll32.exe (no specs), wscript.exe (no specs), securityhealthservice.exe (no specs)

Process information

PID: 1064
CMD: "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe"
Path: C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
Parent process: services.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Microsoft Update Health Service
Exit code:
0
Version:
10.0.19041.3626 (WinBuild.160101.0800)
Modules
Images
c:\program files\microsoft update health tools\uhssvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
PID: 1696
CMD: "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
Path: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
Parent process: svchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Exit code:
0
Version:
121.9202.4105.0
Modules
Images
c:\windows\systemapps\microsoftwindows.client.cbs_cw5n1h2txyewy\textinputhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\systemapps\microsoftwindows.client.cbs_cw5n1h2txyewy\vcruntime140_app.dll
c:\windows\system32\kernel.appcore.dll
c:\windows\system32\msvcrt.dll
PID: 2848
CMD: C:\WINDOWS\SysWOW64\schtasks.exe -create -tn Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler -xml plugscheduler.xml -F
Path: C:\Windows\SysWOW64\schtasks.exe
Parent process: msiexec.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Task Scheduler Configuration Tool
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\schtasks.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\oleaut32.dll
PID: 3052
CMD: C:\WINDOWS\system32\msiexec.exe /V
Path: C:\Windows\System32\msiexec.exe
Parent process: services.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Windows® installer
Exit code:
0
Version:
5.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\msiexec.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\aclayers.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
PID: 3992
CMD: C:\WINDOWS\system32\SecurityHealthService.exe
Path: C:\Windows\System32\SecurityHealthService.exe
Parent process: services.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Windows Security Health Service
Exit code:
0
Version:
4.18.1907.16384 (WinBuild.160101.0800)
PID: 6180
CMD: "C:\Windows\System32\WScript.exe" "C:\Users\admin\AppData\Local\Temp\key.js"
Path: C:\Windows\System32\wscript.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft ® Windows Based Script Host
Exit code:
0
Version:
5.812.10240.16384
PID: 6288
CMD: "C:\Windows\System32\WScript.exe" "C:\Users\admin\AppData\Local\Temp\key.js"
Path: C:\Windows\System32\wscript.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft ® Windows Based Script Host
Exit code:
0
Version:
5.812.10240.16384
Modules
Images
c:\windows\system32\wscript.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 6388
CMD: C:\WINDOWS\SysWOW64\schtasks.exe -delete -tn Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync -F
Path: C:\Windows\SysWOW64\schtasks.exe
Parent process: msiexec.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Task Scheduler Configuration Tool
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\schtasks.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\msvcrt.dll
c:\windows\syswow64\oleaut32.dll
PID: 6392
CMD: \??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1
Path: C:\Windows\System32\conhost.exe
Parent process: schtasks.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
PID: 6576
CMD: \??\C:\WINDOWS\system32\conhost.exe 0xffffffff -ForceV1
Path: C:\Windows\System32\conhost.exe
Parent process: schtasks.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Console Window Host
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
Total events: 8 941
Read events: 8 733
Write events: 97
Delete events: 111

Modification events

(PID) Process: (6288) wscript.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
Operation: write
Name: JScriptSetScriptStateStarted
Value: 2EFA000000000000

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
Operation: write
Name: C:\Config.Msi\
Value: (empty)

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
Operation: write
Name: C:\Config.Msi\18625.rbs
Value: 31095895

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
Operation: write
Name: C:\Config.Msi\18625.rbsLow
Value: (empty)

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A1AA8848303FD74A9153D728F9AEABB
Operation: write
Name: 831A7A9B5DFB37C42A967FC8AC8251E0
Value: C:\Program Files\RUXIM\RUXIMICS.exe

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A1AA8848303FD74A9153D728F9AEABB\831A7A9B5DFB37C42A967FC8AC8251E0
Operation: write
Name: PatchGUID
Value: (empty)

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A1AA8848303FD74A9153D728F9AEABB\831A7A9B5DFB37C42A967FC8AC8251E0
Operation: write
Name: MediaCabinet
Value: (empty)

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A1AA8848303FD74A9153D728F9AEABB\831A7A9B5DFB37C42A967FC8AC8251E0
Operation: write
Name: File
Value: FID_RUXIM_ICS

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A1AA8848303FD74A9153D728F9AEABB\831A7A9B5DFB37C42A967FC8AC8251E0
Operation: write
Name: ComponentVersion
Value: 24.0.94.0

(PID) Process: (3052) msiexec.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A1AA8848303FD74A9153D728F9AEABB\831A7A9B5DFB37C42A967FC8AC8251E0
Operation: write
Name: ProductVersion
Value: 8.94.0
Executable files: 14
Suspicious files: 22
Text files: 2
Unknown types: 21

Dropped files

PID | Process | Filename | Type | MD5 | SHA256
3052 | msiexec.exe | C:\WINDOWS\TEMP\~DF7B78C8AD580A4F35.TMP | binary | BF619EAC0CDF3F68D496EA9344137E8B | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560
3052 | msiexec.exe | C:\Config.Msi\18629.rbf | executable | C322B3AA6242470B48D7C5E63B3C8579 | F90567944C01B273DF6CEF151282DC9B5A2A0E9DF2D187709209B85BB5A2C1B4
3052 | msiexec.exe | C:\WINDOWS\Installer\18623.msi | executable | 0094051BC0DD99B1DCFA150413FB3D1A | 9E95FFAA3C2CD702FF5FCDA1B8FF6956AED314615F0F8B56691F8058B82B1696
3052 | msiexec.exe | C:\Program Files\RUXIM\RUXIMICS.exe | executable | FB1FBFD43291A17B62059B0AE1529A65 | CDEFC2B1068F65B54003AD3C1AC4545071BF97BCBE3B80D3BE0B721194EE61EC
3052 | msiexec.exe | C:\WINDOWS\Installer\MSI8901.tmp | binary | B97CFCA66AEB2A1D93EF473A06AAC256 | 3C63B7E044A0E76E1D4FC8461336AF0DA79FAEA0EF788CA1F5B533714E52C035
3052 | msiexec.exe | C:\Config.Msi\18627.rbf | executable | 447B23ED3A291EC1C62F6ACA91A85B48 | 2EC904C8F335BC23FB46C1C3E2850F9528146B64084E453DC820673B10FDFF1C
3052 | msiexec.exe | C:\WINDOWS\TEMP\~DFE0E91CBA30EE5E3B.TMP | binary | B9CC9438BD0AA15E2B3F5665139A4ECF | 39F51EBAF9C1871C0DB5B261D678E55B5876DAA82FC2FEE758B53498C78F03B3
3052 | msiexec.exe | C:\Program Files\RUXIM\SystemEvaluator.dll | executable | FE78A11F63CEA89C477C6D1B955A39D6 | 53DE91DC21324EABC916DAD7F30DA7EAE2B7AAB235BC976760E500AD4473E28B
3052 | msiexec.exe | C:\Config.Msi\1862b.rbf | executable | 4162781CD2779BFCC505DD2A3C90246B | B2F7F078C81B216014B78EF02F125F5E38D538685B61A8BC3906379D3E69B436
3052 | msiexec.exe | C:\Program Files\RUXIM\RUXIMPHDialogHandlers.dll | executable | C711424D21F7F7FB996A36DFCAA27CF3 | DBBACDC81154A044F6B21849715BC1045E7308BC1A3C2778741474037B5E79FE
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests: 1 398
TCP/UDP connections: 115
DNS requests: 53
Threats: 0

HTTP requests

PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation
6288 | wscript.exe | GET | 200 | 2.16.164.120:80 | http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl | unknown | binary | 824 b | unknown
6288 | wscript.exe | GET | 200 | 2.16.164.120:80 | http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_2010-07-06.crl | unknown | binary | 557 b | unknown
4148 | svchost.exe | GET | 206 | 72.247.153.162:80 | http://2.au.download.windowsupdate.com/c/msdownload/update/software/updt/2024/03/windows10.0-kb5001716-x64_d92aa5a45222707542efa229d9cb0a8840bcfff1.cab | unknown | text | 2 b | unknown
4148 | svchost.exe | GET | 206 | 72.247.153.162:80 | http://2.au.download.windowsupdate.com/c/msdownload/update/software/defu/2024/01/mpsigstub_6103d9f6bf95c772c8b7ee89aee370cdca4642f8.exe | unknown | text | 2 b | unknown
4148 | svchost.exe | GET | 206 | 72.247.153.178:80 | http://2.au.download.windowsupdate.com/c/msdownload/update/software/defu/2024/01/mpsigstub_6103d9f6bf95c772c8b7ee89aee370cdca4642f8.exe | unknown | text | 2 b | unknown
4148 | svchost.exe | GET | 206 | 72.247.153.162:80 | http://2.au.download.windowsupdate.com/c/msdownload/update/software/updt/2024/03/windows10.0-kb5001716-x64_d92aa5a45222707542efa229d9cb0a8840bcfff1.cab | unknown | compressed | 811 Kb | unknown
4148 | svchost.exe | GET | 206 | 72.247.153.178:80 | http://2.au.download.windowsupdate.com/c/msdownload/update/software/updt/2024/03/windows10.0-kb5001716-x64_d92aa5a45222707542efa229d9cb0a8840bcfff1.cab | unknown | text | 2 b | unknown
4148 | svchost.exe | GET | 200 | 88.221.110.104:80 | http://dl.delivery.mp.microsoft.com/filestreamingservice//files/e3a4bc08-0df1-4ac3-bed8-464981e9de90/pieceshash | unknown | binary | 858 b | unknown
4148 | svchost.exe | GET | 403 | 2.22.242.137:80 | http://2.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/3f616d5c-28b5-4e71-b9e0-8e7fe4fdfb83?P1=1709830099&P2=404&P3=2&P4=dr4qt%2f9cMi%2f%2fufmv2t5CDpO918Dv62hKeT7T6HCnpRSQ%2b6UThd4fYaJR%2fpy755FYGGDDSC4GnkoKpMauumOdLw%3d%3d | unknown | html | 392 b | unknown
4148 | svchost.exe | GET | 200 | 173.222.108.210:80 | http://download.windowsupdate.com/phf/c/doc/ph/prod5/msdownload/update/software/crup/2022/11/1024/windows10.0-kb5021043-x64_efa19d2d431c5e782a59daaf2d04d026bb8c8e76.cab.json | unknown | binary | 361 b | unknown

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
4 | System | 192.168.100.255:137 | | | | unknown
| | 51.104.136.2:443 | | MICROSOFT-CORP-MSN-AS-BLOCK | IE | unknown
2744 | svchost.exe | 20.42.73.28:443 | v10.events.data.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | unknown
| | 20.54.110.119:443 | tsfe.trafficshaping.dsp.mp.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | unknown
3852 | svchost.exe | 13.85.23.86:443 | slscr.update.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | US | unknown
1136 | svchost.exe | 51.104.136.2:443 | | MICROSOFT-CORP-MSN-AS-BLOCK | IE | unknown
6052 | MoUsoCoreWorker.exe | 51.104.136.2:443 | | MICROSOFT-CORP-MSN-AS-BLOCK | IE | unknown
4 | System | 192.168.100.255:138 | | | | unknown
3852 | svchost.exe | 20.54.110.119:443 | tsfe.trafficshaping.dsp.mp.microsoft.com | MICROSOFT-CORP-MSN-AS-BLOCK | IE | unknown
6288 | wscript.exe | 2.16.164.120:80 | crl.microsoft.com | Akamai International B.V. | NL | unknown

DNS requests

Domain
IP
Reputation
v10.events.data.microsoft.com
  • 20.42.73.28
  • 20.189.173.4
  • 52.178.17.234
  • 52.182.141.63
  • 13.89.179.8
whitelisted
tsfe.trafficshaping.dsp.mp.microsoft.com
  • 20.54.110.119
whitelisted
crl.microsoft.com
  • 2.16.164.120
  • 2.16.164.72
whitelisted
cp601.prod.do.dsp.mp.microsoft.com
  • 2.19.100.31
  • 23.32.101.180
whitelisted
2.au.download.windowsupdate.com
  • 72.247.153.178
  • 72.247.153.162
  • 2.16.164.105
  • 2.16.164.72
whitelisted
fe2cr.update.microsoft.com
  • 40.83.50.90
  • 40.83.50.92
whitelisted
download.windowsupdate.com
  • 173.222.108.210
  • 173.222.108.226
  • 23.32.238.209
  • 23.32.238.241
  • 23.32.238.218
  • 23.32.238.203
  • 23.32.238.224
  • 23.32.238.216
  • 23.32.238.168
  • 23.32.238.234
  • 23.32.238.240
whitelisted
dl.delivery.mp.microsoft.com
  • 88.221.110.104
  • 88.221.110.89
  • 2.22.242.80
  • 2.22.242.121
  • 23.48.23.23
  • 23.48.23.47
whitelisted
2.tlu.dl.delivery.mp.microsoft.com
  • 2.22.242.137
  • 2.22.242.122
  • 2.22.242.123
  • 2.22.242.130
  • 2.22.242.131
  • 2.22.242.224
  • 72.247.153.176
  • 72.247.153.201
  • 2.22.242.136
  • 2.22.242.90
  • 2.22.242.11
  • 2.22.242.88
  • 2.22.242.128
  • 23.216.77.165
  • 23.216.77.149
  • 23.216.77.166
  • 23.216.77.173
  • 23.216.77.182
  • 23.216.77.135
  • 23.216.77.171
  • 23.216.77.144
  • 23.216.77.181
whitelisted
fe3cr.delivery.mp.microsoft.com
  • 20.166.126.56
whitelisted

Threats

No threats detected
No debug info