File name: | CDDDesktopEdition.exe |
Full analysis: | https://app.any.run/tasks/ce3751eb-1357-4489-a9b8-8bf1798afdee |
Verdict: | Malicious activity |
Analysis date: | February 11, 2019, 10:54:39 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Tags: | |
Indicators: | |
MIME: | application/x-dosexec |
File info: | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
MD5: | 17D6B6E8D515F4BCC7F20502C4B71F74 |
SHA1: | 3E8590D2E2CD3E000597770A092DAA4BCEAD64F5 |
SHA256: | BB80746883A15C964B4E5BE0800FD13CDBE4D61DD0F200944D0424EA4A4505BF |
SSDEEP: | 196608:H5myKKjuqgHn1qjfnLHTqCbVYIJXeJpZKhxtxJGsGG0tWtzvW3+8YDk:LK+uZHADmSXOpZKhxtqgtzv6Yo |
.ax | | | DirectShow filter (39.3) |
---|---|---|
.exe | | | InstallShield setup (8.4) |
.exe | | | Win32 EXE PECompact compressed (generic) (8.1) |
.exe | | | Win64 Executable (generic) (5.3) |
AssemblyVersion: | 6.5.0.0 |
---|---|
ProductVersion: | 6.5.0.0 |
ProductName: | CDD |
OriginalFileName: | CDDDesktopEdition.exe |
LegalCopyright: | Copyright © ControlCase 2015 |
InternalName: | CDDDesktopEdition.exe |
FileVersion: | 6.5.0.0 |
FileDescription: | CDD Desktop |
CompanyName: | ControlCase |
CharacterSet: | Unicode |
LanguageCode: | Neutral |
FileSubtype: | - |
ObjectFileType: | Executable application |
FileOS: | Win32 |
FileFlags: | (none) |
FileFlagsMask: | 0x003f |
ProductVersionNumber: | 6.5.0.0 |
FileVersionNumber: | 6.5.0.0 |
Subsystem: | Windows GUI |
SubsystemVersion: | 4 |
ImageVersion: | - |
OSVersion: | 4 |
EntryPoint: | 0xe86ede |
UninitializedDataSize: | - |
InitializedDataSize: | 6144 |
CodeSize: | 15224832 |
LinkerVersion: | 11 |
PEType: | PE32 |
TimeStamp: | 2015:12:01 17:44:45+01:00 |
MachineType: | Intel 386 or later, and compatibles |
Architecture: | IMAGE_FILE_MACHINE_I386 |
---|---|
Subsystem: | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Compilation Date: | 01-Dec-2015 16:44:45 |
Debug artifacts: |
|
CompanyName: | ControlCase |
FileDescription: | CDD Desktop |
FileVersion: | 6.5.0.0 |
InternalName: | CDDDesktopEdition.exe |
LegalCopyright: | Copyright © ControlCase 2015 |
OriginalFilename: | CDDDesktopEdition.exe |
ProductName: | CDD |
ProductVersion: | 6.5.0.0 |
Assembly Version: | 6.5.0.0 |
Magic number: | MZ |
---|---|
Bytes on last page of file: | 0x0090 |
Pages in file: | 0x0003 |
Relocations: | 0x0000 |
Size of header: | 0x0004 |
Min extra paragraphs: | 0x0000 |
Max extra paragraphs: | 0xFFFF |
Initial SS value: | 0x0000 |
Initial SP value: | 0x00B8 |
Checksum: | 0x0000 |
Initial IP value: | 0x0000 |
Initial CS value: | 0x0000 |
Overlay number: | 0x0000 |
OEM identifier: | 0x0000 |
OEM information: | 0x0000 |
Address of NE header: | 0x00000080 |
Signature: | PE |
---|---|
Machine: | IMAGE_FILE_MACHINE_I386 |
Number of sections: | 3 |
Time date stamp: | 01-Dec-2015 16:44:45 |
Pointer to Symbol Table: | 0x00000000 |
Number of symbols: | 0 |
Size of Optional Header: | 0x00E0 |
Characteristics: |
|
Name | Virtual Address | Virtual Size | Raw Size | Charateristics | Entropy |
---|---|---|---|---|---|
.text | 0x00002000 | 0x00E84EE4 | 0x00E85000 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ | 6.9601 |
.rsrc | 0x00E88000 | 0x000014C0 | 0x00001600 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 4.41662 |
.reloc | 0x00E8A000 | 0x0000000C | 0x00000200 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ | 0.10191 |
Title | Entropy | Size | Codepage | Language | Type |
---|---|---|---|---|---|
1 | 3.35629 | 792 | UNKNOWN | UNKNOWN | RT_VERSION |
2 | 4.71617 | 4264 | UNKNOWN | UNKNOWN | RT_ICON |
32512 | 1.94375 | 20 | UNKNOWN | UNKNOWN | RT_GROUP_ICON |
mscoree.dll |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
3504 | "C:\Users\admin\AppData\Local\Temp\CDDDesktopEdition.exe" | C:\Users\admin\AppData\Local\Temp\CDDDesktopEdition.exe | explorer.exe | |
User: admin Company: ControlCase Integrity Level: MEDIUM Description: CDD Desktop Exit code: 0 Version: 6.5.0.0 | ||||
2572 | "C:\Users\admin\AppData\Local\Temp\tof5aulv.aen\CDD.CCSearchIntegration.exe" --input=C:/ --config=CDD.config.sdb | C:\Users\admin\AppData\Local\Temp\tof5aulv.aen\CDD.CCSearchIntegration.exe | CDDDesktopEdition.exe | |
User: admin Company: ControlCase LLC Integrity Level: MEDIUM Exit code: 200 Version: 6.0 | ||||
1436 | hostname | C:\Windows\system32\hostname.exe | — | CDD.CCSearchIntegration.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Hostname APP Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
2836 | hostname | C:\Windows\system32\hostname.exe | — | CDD.CCSearchIntegration.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Hostname APP Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
3280 | ipconfig | C:\Windows\system32\ipconfig.exe | — | CDD.CCSearchIntegration.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: IP Configuration Utility Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
3940 | ipconfig | C:\Windows\system32\ipconfig.exe | — | CDD.CCSearchIntegration.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: IP Configuration Utility Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
2748 | regsvr32.exe /s C:\Users\admin\AppData\Local\Temp/p2xtmp-2572/a2tallcom.dll | C:\Windows\system32\regsvr32.exe | — | CDD.CCSearchIntegration.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Microsoft(C) Register Server Exit code: 5 Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
3688 | regsvr32.exe /u /s C:\Users\admin\AppData\Local\Temp/p2xtmp-2572/a2tallcom.dll | C:\Windows\system32\regsvr32.exe | — | CDD.CCSearchIntegration.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Microsoft(C) Register Server Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) |
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E |
Operation: | write | Name: | LanguageList |
Value: en-US | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81 |
Operation: | write | Name: | Blob |
Value: 0F000000010000001400000085FEF11B4F47FE3952F98301C9F98976FEFEE0CE09000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B0601050507030353000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C06200000001000000200000008D722F81A9C113C0791DF136A2966DB26C950A971DB46B4199F4EA54B78BFB9F1400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB5748501D00000001000000100000005B3B67000EEB80022E42605B6B3B72400B000000010000000E000000740068006100770074006500000003000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B812000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68 | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81 |
Operation: | delete key | Name: | |
Value: | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81 |
Operation: | write | Name: | Blob |
Value: 190000000100000010000000DC73F9B71E16D51D26527D32B11A6A3D09000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B0601050507030353000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C06200000001000000200000008D722F81A9C113C0791DF136A2966DB26C950A971DB46B4199F4EA54B78BFB9F1400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB5748501D00000001000000100000005B3B67000EEB80022E42605B6B3B72400B000000010000000E000000740068006100770074006500000003000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B812000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68 | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\91C6D6EE3E8AC86384E548C299295C756C817B81 |
Operation: | write | Name: | Blob |
Value: 0400000001000000100000008CCADC0B22CEF5BE72AC411A11A8D81209000000010000002A000000302806082B0601050507030106082B0601050507030206082B0601050507030406082B0601050507030353000000010000002500000030233021060B6086480186F8450107300130123010060A2B0601040182373C0101030200C06200000001000000200000008D722F81A9C113C0791DF136A2966DB26C950A971DB46B4199F4EA54B78BFB9F1400000001000000140000007B5B45CFAFCECB7AFD31921A6AB6F346EB5748501D00000001000000100000005B3B67000EEB80022E42605B6B3B72400B000000010000000E000000740068006100770074006500000003000000010000001400000091C6D6EE3E8AC86384E548C299295C756C817B812000000001000000240400003082042030820308A0030201020210344ED55720D5EDEC49F42FCE37DB2B6D300D06092A864886F70D01010505003081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F74204341301E170D3036313131373030303030305A170D3336303731363233353935395A3081A9310B300906035504061302555331153013060355040A130C7468617774652C20496E632E31283026060355040B131F43657274696669636174696F6E205365727669636573204469766973696F6E31383036060355040B132F2863292032303036207468617774652C20496E632E202D20466F7220617574686F72697A656420757365206F6E6C79311F301D06035504031316746861777465205072696D61727920526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100ACA0F0FB8059D49CC7A4CF9DA159730910450C0D2C6E68F16C5B4868495937FC0B3319C2777FCC102D95341CE6EB4D09A71CD2B8C9973602B789D4245F06C0CC4494948D02626FEB5ADD118D289A5C8490107A0DBD74662F6A38A0E2D55444EB1D079F07BA6FEEE9FD4E0B29F53E84A001F19CABF81C7E89A4E8A1D871650DA3517BEEBCD222600DB95B9DDFBAFC515B0BAF98B2E92EE904E86287DE2BC8D74EC14C641EDDCF8758BA4A4FCA68071D1C9D4AC6D52F91CC7C71721CC5C067EB32FDC9925C94DA85C09BBF537D2B09F48C9D911F976A52CBDE0936A477D87B875044D53E6E2969FB3949261E09A5807B402DEBE82785C9FE61FD7EE67C971DD59D0203010001A3423040300F0603551D130101FF040530030101FF300E0603551D0F0101FF040403020106301D0603551D0E041604147B5B45CFAFCECB7AFD31921A6AB6F346EB574850300D06092A864886F70D010105050003820101007911C04BB391B6FCF0E967D40D6E45BE55E893D2CE033FEDDA25B01D57CB1E3A76A04CEC5076E864720CA4A9F1B88BD6D68784BB32E54111C077D9B3609DEB1BD5D16E4444A9A601EC55621D77B85C8E48497C9C3B5711ACAD73378E2F785C906847D96060E6FC073D222017C4F716E9C4D872F9C8737CDF162F15A93EFD6A27B6A1EB5ABA981FD5E34D640A9D13C861BAF5391C87BAB8BD7B227FF6FEAC4079E5AC106F3D8F1B79768BC437B3211884E53600EB632099B9E9FE3304BB41C8C102F94463209E81CE42D3D63F2C76D3639C59DD8FA6E10EA02E41F72E9547CFBCFD33F3F60B617E7E912B8147C22730EEA7105D378F5C392BE404F07B8D568C68 | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CDDDesktopEdition_RASAPI32 |
Operation: | write | Name: | EnableFileTracing |
Value: 0 | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CDDDesktopEdition_RASAPI32 |
Operation: | write | Name: | EnableConsoleTracing |
Value: 0 | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CDDDesktopEdition_RASAPI32 |
Operation: | write | Name: | FileTracingMask |
Value: 4294901760 | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CDDDesktopEdition_RASAPI32 |
Operation: | write | Name: | ConsoleTracingMask |
Value: 4294901760 | |||
(PID) Process: | (3504) CDDDesktopEdition.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CDDDesktopEdition_RASAPI32 |
Operation: | write | Name: | MaxFileSize |
Value: 1048576 |
PID | Process | Filename | Type | |
---|---|---|---|---|
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\Local\Temp\Cab1B5.tmp | — | |
MD5:— | SHA256:— | |||
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\Local\Temp\Tar1B6.tmp | — | |
MD5:— | SHA256:— | |||
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\Local\Temp\Cab1D6.tmp | — | |
MD5:— | SHA256:— | |||
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\Local\Temp\Tar1D7.tmp | — | |
MD5:— | SHA256:— | |||
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\Local\Temp\Cab2A3.tmp | — | |
MD5:— | SHA256:— | |||
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\Local\Temp\Tar2A4.tmp | — | |
MD5:— | SHA256:— | |||
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 | compressed | |
MD5:BB377DF27A55C05BB3793CD1E125C869 | SHA256:3C4EC495F17D21CC236BC7238BC02728BD945C07157FBF875CAC340269AFC207 | |||
2572 | CDD.CCSearchIntegration.exe | C:\Users\admin\AppData\Local\Temp\p2xtmp-2572\auto\Win32\Console\Console.dll | executable | |
MD5:0FA19FCC3CA65E29AD16FA65864A148D | SHA256:E21B0A5C56166A26B8068D1F86D397016BFD93211E00AD1B8AC96E114353E5F9 | |||
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\Local\Temp\tof5aulv.aen\CDD.config.sdb | sqlite | |
MD5:83149F5B2E0236CF6120D3EB3D554CDE | SHA256:A8403AE004F06D82B3A69349C0392135374EEC4DF8DEE44EB300408B391C5FED | |||
3504 | CDDDesktopEdition.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | binary | |
MD5:5C3564EB64017BC866E2CA49DD7D44C8 | SHA256:7FA1002CFD206B5408265700CD5C0929AF19C080FCC45E692F16D1D154D01DFC |
PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation |
---|---|---|---|---|---|---|---|---|---|
3504 | CDDDesktopEdition.exe | GET | 200 | 2.16.186.81:80 | http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab | unknown | compressed | 55.2 Kb | whitelisted |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
3504 | CDDDesktopEdition.exe | 2.16.186.81:80 | www.download.windowsupdate.com | Akamai International B.V. | — | whitelisted |
3504 | CDDDesktopEdition.exe | 66.226.75.153:443 | cdd.controlcase.com | Codero | US | unknown |
Domain | IP | Reputation |
---|---|---|
www.download.windowsupdate.com |
| whitelisted |
cdd.controlcase.com |
| unknown |