File name:

IDM_6.4x_Crack_v20.1.exe

Full analysis: https://app.any.run/tasks/55bc4d90-6c49-40d1-ae14-df3b08566c8c
Verdict: Malicious activity
Analysis date: June 02, 2025, 05:26:53
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags:
auto
generic
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
MD5:

832EAC4526E3E0C9A96EA29D90A5B521

SHA1:

8B89CC3C79310BCAEB3428A86C64AB609F1333F5

SHA256:

C1BD821751C7F0ECD0741103EEF6888025F4509229E0C11F1CD436BF334AA240

SSDEEP:

1536:Se+j44X5OjRrmLlgOypw5JM8uaT3kDculsKdrX+UXaf+blAj:Se+04Xool46Lia/fKBXnq2blAj

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • GENERIC has been found (auto)

      • IDM_6.4x_Crack_v20.1.exe (PID: 780)

    • Creates internet connection object (SCRIPT)

      • wscript.exe (PID: 6816)

    • Opens an HTTP connection (SCRIPT)

      • wscript.exe (PID: 6816)

    • Sends HTTP request (SCRIPT)

      • wscript.exe (PID: 6816)

    • Deletes a file (SCRIPT)

      • wscript.exe (PID: 6816)

  • SUSPICIOUS

    • Adds, changes, or deletes HTTP request header (SCRIPT)

      • wscript.exe (PID: 6816)

    • Gets full path of the running script (SCRIPT)

      • wscript.exe (PID: 6816)

    • Sets XML DOM element text (SCRIPT)

      • wscript.exe (PID: 6816)

    • Uses REG/REGEDIT.EXE to modify registry

      • IDM_6.4x_Crack_v20.1.exe (PID: 780)
      • cmd.exe (PID: 672)
      • cmd.exe (PID: 7840)

    • Executing commands from a ".bat" file

      • IDM_6.4x_Crack_v20.1.exe (PID: 780)
      • cmd.exe (PID: 672)

    • Application launched itself

      • cmd.exe (PID: 672)
      • cmd.exe (PID: 644)

    • Starts CMD.EXE for commands execution

      • IDM_6.4x_Crack_v20.1.exe (PID: 780)
      • cmd.exe (PID: 672)
      • cmd.exe (PID: 644)

    • Probably obfuscated PowerShell command line is found

      • cmd.exe (PID: 672)

    • Starts POWERSHELL.EXE for commands execution

      • cmd.exe (PID: 672)
      • cmd.exe (PID: 7780)
      • cmd.exe (PID: 2868)

    • Possibly malicious use of IEX has been detected

      • cmd.exe (PID: 672)

    • Hides command output

      • cmd.exe (PID: 2868)
      • cmd.exe (PID: 7840)

    • Starts application with an unusual extension

      • cmd.exe (PID: 672)

    • The process executes VB scripts

      • IDM_6.4x_Crack_v20.1.exe (PID: 780)

    • Creates FileSystem object to access computer's file system (SCRIPT)

      • wscript.exe (PID: 6816)

  • INFO

    • Checks supported languages

      • IDM_6.4x_Crack_v20.1.exe (PID: 780)
      • chcp.com (PID: 7000)

    • Checks proxy server information

      • wscript.exe (PID: 6816)

    • Checks operating system version

      • cmd.exe (PID: 672)

    • Creates files or folders in the user directory

      • IDM_6.4x_Crack_v20.1.exe (PID: 780)

    • Checks whether the specified file exists (POWERSHELL)

      • powershell.exe (PID: 7364)
      • powershell.exe (PID: 132)

    • Create files in a temporary directory

      • reg.exe (PID: 2284)
      • IDM_6.4x_Crack_v20.1.exe (PID: 780)

    • Changes the display of characters in the console

      • cmd.exe (PID: 672)

    • Reads the software policy settings

      • slui.exe (PID: 6300)

    • Reads the computer name

      • IDM_6.4x_Crack_v20.1.exe (PID: 780)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.dll | Win32 Dynamic Link Library (generic) (38.3)
.exe | Win32 Executable (generic) (26.2)
.exe | Win16/32 Executable Delphi generic (12)
.exe | Generic Win/DOS Executable (11.6)
.exe | DOS Executable Generic (11.6)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 1992:06:19 22:22:17+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 61440
InitializedDataSize: 4096
UninitializedDataSize: 188416
EntryPoint: 0x3cf20
OSVersion: 4
ImageVersion: -
SubsystemVersion: 4
Subsystem: Windows GUI
No data.
screenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
184
Monitored processes
57
Malicious processes
3
Suspicious processes
0

Behavior graph

Click at the process to see the details
start idm_6.4x_crack_v20.1.exe wscript.exe sppextcomobj.exe no specs slui.exe reg.exe no specs conhost.exe no specs cmd.exe no specs conhost.exe no specs cmd.exe no specs reg.exe no specs find.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs find.exe no specs powershell.exe no specs find.exe no specs powershell.exe no specs find.exe no specs cmd.exe no specs powershell.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs cmd.exe no specs reg.exe no specs cmd.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs cmd.exe no specs powershell.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs powershell.exe no specs chcp.com no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs reg.exe no specs idm_6.4x_crack_v20.1.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
132powershell.exe "$sid = 'S-1-5-21-1693682860-607145093-2874071422-1001'; $HKCUsync = 1; $lockKey = $null; $deleteKey = 1; $f=[io.file]::ReadAllText('C:\Users\admin\AppData\Local\Temp\BATCLEN.bat') -split ':regscan\:.*';iex ($f[1])"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows PowerShell
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\windowspowershell\v1.0\powershell.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
644C:\WINDOWS\system32\cmd.exe /c echo prompt $E | cmdC:\Windows\SysWOW64\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows Command Processor
Exit code:
0
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
672cmd.exe /c call "C:\Users\admin\AppData\Local\Temp\BATCLEN.bat"C:\Windows\SysWOW64\cmd.exeIDM_6.4x_Crack_v20.1.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows Command Processor
Exit code:
1
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
772reg query "HKLM\SOFTWARE\Wow6432Node\Internet Download Manager" C:\Windows\System32\reg.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Registry Console Tool
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\reg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
780"C:\Users\admin\AppData\Local\Temp\IDM_6.4x_Crack_v20.1.exe" C:\Users\admin\AppData\Local\Temp\IDM_6.4x_Crack_v20.1.exe
explorer.exe
User:
admin
Integrity Level:
HIGH
Modules
Images
c:\users\admin\appdata\local\temp\idm_6.4x_crack_v20.1.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\advapi32.dll
896reg query "HKCU\Software\DownloadManager" "/v" "scansk" C:\Windows\System32\reg.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Registry Console Tool
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\reg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
1472C:\WINDOWS\system32\cmd.exe /S /D /c" echo prompt $E "C:\Windows\SysWOW64\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows Command Processor
Exit code:
0
Version:
10.0.19041.3636 (WinBuild.160101.0800)
Modules
Images
c:\windows\syswow64\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\msvcrt.dll
1696reg query "HKCU\Software\DownloadManager" "/v" "LastCheckQU" C:\Windows\System32\reg.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Registry Console Tool
Exit code:
1
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\reg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
1812cmdC:\Windows\System32\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows Command Processor
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winbrand.dll
2092reg delete HKU\S-1-5-21-1693682860-607145093-2874071422-1001\Software\Classes\Wow6432Node\CLSID\IAS_TEST /fC:\Windows\System32\reg.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Registry Console Tool
Exit code:
0
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\reg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
Total events
23 833
Read events
23 791
Write events
27
Delete events
15

Modification events

(PID) Process:(6816) wscript.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(6816) wscript.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(6816) wscript.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(780) IDM_6.4x_Crack_v20.1.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script Host\Settings
Operation:writeName:Enabled
Value:
1
(PID) Process:(780) IDM_6.4x_Crack_v20.1.exeKey:HKEY_CURRENT_USER\SOFTWARE\Wow6432Node\Microsoft\Windows Script Host\Settings
Operation:writeName:Enabled
Value:
1
(PID) Process:(780) IDM_6.4x_Crack_v20.1.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows Script Host\Settings
Operation:writeName:Enabled
Value:
1
(PID) Process:(780) IDM_6.4x_Crack_v20.1.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Operation:writeName:DisableRegistryTools
Value:
0
(PID) Process:(780) IDM_6.4x_Crack_v20.1.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Operation:writeName:DisableCMD
Value:
0
(PID) Process:(780) IDM_6.4x_Crack_v20.1.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Operation:writeName:DisableTaskMgr
Value:
0
(PID) Process:(780) IDM_6.4x_Crack_v20.1.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
Operation:writeName:NoRun
Value:
0
Executable files
0
Suspicious files
5
Text files
18
Unknown types
0

Dropped files

PID
Process
Filename
Type
780IDM_6.4x_Crack_v20.1.exeC:\Users\admin\AppData\Local\Temp\IDM_UPDT.vbstext
MD5:B91C1157D6F1E605CC965D092551B307
SHA256:92FE72CCEB630C7EFF3B2D3BED9C6969F53E5B9DFF1F481888754E59B3C76AB7
6816wscript.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12binary
MD5:4A90329071AE30B759D279CCA342B0A6
SHA256:4F544379EDA8E2653F71472AB968AEFD6B5D1F4B3CE28A5EDB14196184ED3B60
7364powershell.exeC:\Users\admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractivebinary
MD5:69AEBE269BA981C8C4E279295C214327
SHA256:5CEA79A15DBB61B9E33018377319D2F949A67292A657E3D435A714C0F2D4DEB4
6816wscript.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12binary
MD5:214180CE13FDCA447F059EB9C5DA3BF8
SHA256:585930D9B8C98E8F32A464982F50D1F1AC3ADCB30C12B4DF3589E5C4F129670C
7364powershell.exeC:\Users\admin\AppData\Local\Temp\__PSScriptPolicyTest_hj0naq5g.htq.ps1text
MD5:D17FE0A3F47BE24A6453E9EF58C94641
SHA256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
6816wscript.exeC:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\RR3E01RZ\6R62AE4Z.xmltext
MD5:21A5285AE43EDD57EB010DBAA5E01AD1
SHA256:E2346FA47B5BE1883B01FA3764F618C2DCA0AC1765BAA75506433A7532C764A5
6816wscript.exeC:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8binary
MD5:1FBB37F79B317A9A248E7C4CE4F5BAC5
SHA256:9BF639C595FE335B6F694EE35990BEFD2123F5E07FD1973FF619E3FC88F5F49F
7824powershell.exeC:\Users\admin\AppData\Local\Temp\__PSScriptPolicyTest_cceu2iwy.0pw.psm1text
MD5:D17FE0A3F47BE24A6453E9EF58C94641
SHA256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
780IDM_6.4x_Crack_v20.1.exeC:\Users\admin\AppData\Local\Temp\BATCLEN.battext
MD5:9FE22C4AD624881F8F0977CC7614346F
SHA256:12B47C1949CC555C2F68F9FD4677ED5266F25C4DA4630BEC36E303629B133225
780IDM_6.4x_Crack_v20.1.exeC:\Users\admin\AppData\Local\Temp\IDMRegClean.regtext
MD5:73C023B1480CC88BE4D7761EF11A7703
SHA256:9C7F6CE7CE6FA4093A20CFA3C1A6D2CDD7D5307AFF7405830C898A21F154ED68
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
7
TCP/UDP connections
20
DNS requests
15
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
5496
MoUsoCoreWorker.exe
GET
200
23.216.77.28:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
5496
MoUsoCoreWorker.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
6816
wscript.exe
GET
200
142.250.186.67:80
http://c.pki.goog/r/gsr1.crl
unknown
whitelisted
6816
wscript.exe
GET
200
142.250.186.67:80
http://c.pki.goog/r/r4.crl
unknown
whitelisted
6544
svchost.exe
GET
200
2.17.190.73:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
968
SIHClient.exe
GET
200
95.101.149.131:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
968
SIHClient.exe
GET
200
95.101.149.131:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
6668
RUXIMICS.exe
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
5496
MoUsoCoreWorker.exe
23.216.77.28:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
5496
MoUsoCoreWorker.exe
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
4
System
192.168.100.255:138
whitelisted
6816
wscript.exe
188.114.97.3:443
idm.0dy.ir
CLOUDFLARENET
NL
unknown
6816
wscript.exe
142.250.186.67:80
c.pki.goog
GOOGLE
US
whitelisted
864
svchost.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
6544
svchost.exe
40.126.31.0:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 40.127.240.158
  • 51.124.78.146
whitelisted
crl.microsoft.com
  • 23.216.77.28
  • 23.216.77.6
whitelisted
www.microsoft.com
  • 184.30.21.171
  • 95.101.149.131
whitelisted
google.com
  • 142.250.181.238
whitelisted
idm.0dy.ir
  • 188.114.97.3
  • 188.114.96.3
unknown
c.pki.goog
  • 142.250.186.67
whitelisted
login.live.com
  • 40.126.31.0
  • 20.190.159.130
  • 20.190.159.23
  • 40.126.31.71
  • 20.190.159.0
  • 40.126.31.67
  • 40.126.31.130
  • 20.190.159.71
whitelisted
ocsp.digicert.com
  • 2.17.190.73
whitelisted
client.wns.windows.com
  • 172.211.123.248
whitelisted
slscr.update.microsoft.com
  • 20.109.210.53
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
IDM_6.4x_Crack_v20.1.exe