File name:

OperaSetup.exe

Full analysis: https://app.any.run/tasks/4995880a-3c66-449f-9f7b-717580c4bc4a
Verdict: Malicious activity
Analysis date: June 15, 2024, 01:52:43
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5:

1553F1E1B3706AFA661EB2D7AD6BCB60

SHA1:

FFA26C82C6879CEA7E9A5009B36D5690FF699728

SHA256:

CCA3D411B336F96403D02D9A3E09ACD951FC08CE0F411E397ABFE66C63E67E5B

SSDEEP:

98304:YGzrSHEflmuEwXNM1k0izMf3UHNDSqPaP8+9FzasSahO13+caAmOikdg7PbBBCCv:YP8oN

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Drops the executable file immediately after the start

      • OperaSetup.exe (PID: 380)
      • setup.exe (PID: 4280)
      • setup.exe (PID: 4232)
      • setup.exe (PID: 2876)
      • setup.exe (PID: 5244)
      • setup.exe (PID: 4960)

    • Actions looks like stealing of personal data

      • setup.exe (PID: 5244)
      • setup.exe (PID: 4280)
      • setup.exe (PID: 2876)
      • setup.exe (PID: 4960)

  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • OperaSetup.exe (PID: 380)
      • setup.exe (PID: 5244)
      • setup.exe (PID: 4280)
      • setup.exe (PID: 2876)
      • setup.exe (PID: 4232)
      • setup.exe (PID: 4960)

    • Application launched itself

      • setup.exe (PID: 5244)
      • setup.exe (PID: 2876)

    • Reads security settings of Internet Explorer

      • setup.exe (PID: 5244)

    • Checks Windows Trust Settings

      • setup.exe (PID: 5244)

    • Starts itself from another location

      • setup.exe (PID: 5244)

  • INFO

    • Checks supported languages

      • setup.exe (PID: 5244)
      • OperaSetup.exe (PID: 380)
      • setup.exe (PID: 4232)
      • setup.exe (PID: 2876)
      • setup.exe (PID: 4280)
      • setup.exe (PID: 4960)

    • Create files in a temporary directory

      • OperaSetup.exe (PID: 380)
      • setup.exe (PID: 5244)
      • setup.exe (PID: 4280)
      • setup.exe (PID: 4232)
      • setup.exe (PID: 2876)
      • setup.exe (PID: 4960)

    • Reads the computer name

      • setup.exe (PID: 5244)
      • setup.exe (PID: 2876)

    • Creates files or folders in the user directory

      • setup.exe (PID: 5244)
      • setup.exe (PID: 4280)

    • Reads the software policy settings

      • setup.exe (PID: 5244)

    • Reads the machine GUID from the registry

      • setup.exe (PID: 5244)

    • Checks proxy server information

      • setup.exe (PID: 5244)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win64 Executable (generic) (64.6)
.dll | Win32 Dynamic Link Library (generic) (15.4)
.exe | Win32 Executable (generic) (10.5)
.exe | Generic Win/DOS Executable (4.6)
.exe | DOS Executable Generic (4.6)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2024:05:22 13:40:50+00:00
ImageFileCharacteristics: Executable, 32-bit
PEType: PE32
LinkerVersion: 14.39
CodeSize: 229888
InitializedDataSize: 111616
UninitializedDataSize: -
EntryPoint: 0x1f748
OSVersion: 6
ImageVersion: -
SubsystemVersion: 6
Subsystem: Windows GUI
FileVersionNumber: 111.0.5168.25
ProductVersionNumber: 111.0.5168.25
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Windows NT 32-bit
ObjectFileType: Unknown
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
FileVersion: 111.0.5168.25
ProductVersion: 111.0.5168.25
FileDescription: Opera installer SFX
CompanyName:
LegalCopyright: Opera Software 2024
Productname: Opera installer
Stream: Stable
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
120
Monitored processes
6
Malicious processes
5
Suspicious processes
1

Behavior graph

Click at the process to see the details
start operasetup.exe setup.exe setup.exe setup.exe setup.exe setup.exe

Process information

PID
CMD
Path
Indicators
Parent process
380"C:\Users\admin\Desktop\OperaSetup.exe" C:\Users\admin\Desktop\OperaSetup.exe
explorer.exe
User:
admin
Integrity Level:
MEDIUM
Description:
Opera installer SFX
Version:
111.0.5168.25
Modules
Images
c:\users\admin\desktop\operasetup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
2876"C:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --launchopera=1 --installfolder="C:\Users\admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --show-intro-overlay --server-tracking-data=server_tracking_data --initial-pid=5244 --package-dir-prefix="C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20240615015254" --session-guid=9e0444d1-b010-47be-953c-4b4b39c2f625 --server-tracking-blob=NTQyODRhODU3NzgwOGFmMmJiYzRkMmFkN2I0OWExZTFlY2EzOTliYWMxMmE4NzM3MWZlNjJhYTEyZmY3ZTIyYjp7ImNvdW50cnkiOiJDQSIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYVNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhIn0sInF1ZXJ5IjoiL29wZXJhL3N0YWJsZS93aW5kb3dzP2h0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZkdWNrZHVja2dvLmNvbSUyRiZ1dG1fc2l0ZT1vcGVyYV9jb20mdXRtX2xhc3RwYWdlPW9wZXJhLmNvbSUyRiZkbF90b2tlbj0zMDA2NDczOCIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjEwIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTcxODQxNjM1MS42Nzc4IiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTI3LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTI3LjAiLCJ1dG0iOnsibGFzdHBhZ2UiOiJvcGVyYS5jb20vIiwic2l0ZSI6Im9wZXJhX2NvbSJ9LCJ1dWlkIjoiMjU5ODY2YzEtZmFlMi00NzFiLWJiMmQtZGVkMWI1OTNkOTM5In0= --desktopshortcut=1 --wait-for-package --initial-proc-handle=740A000000000000C:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exe
setup.exe
User:
admin
Company:
Opera Software
Integrity Level:
MEDIUM
Description:
Opera Installer
Version:
111.0.5168.25
Modules
Images
c:\users\admin\appdata\local\temp\7zsc7102a61\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\acgenral.dll
4232"C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --versionC:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
setup.exe
User:
admin
Integrity Level:
MEDIUM
Exit code:
0
Modules
Images
c:\users\admin\appdata\local\temp\.opera\opera installer temp\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\acgenral.dll
4280C:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=111.0.5168.25 --initial-client-data=0x338,0x33c,0x340,0x314,0x344,0x744fa128,0x744fa134,0x744fa140C:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exe
setup.exe
User:
admin
Company:
Opera Software
Integrity Level:
MEDIUM
Description:
Opera Installer
Version:
111.0.5168.25
Modules
Images
c:\users\admin\appdata\local\temp\7zsc7102a61\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\acgenral.dll
4960C:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=111.0.5168.25 --initial-client-data=0x34c,0x350,0x354,0x318,0x358,0x7204a128,0x7204a134,0x7204a140C:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exe
setup.exe
User:
admin
Company:
Opera Software
Integrity Level:
MEDIUM
Description:
Opera Installer
Version:
111.0.5168.25
Modules
Images
c:\users\admin\appdata\local\temp\7zsc7102a61\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\acgenral.dll
5244C:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exe --server-tracking-blob=M2VjNmRmZjQwNTk0ZjFiMjQ4M2JkM2U3Zjc0NmE1ZWZlZGQ2NWNiN2UwMTMxY2UyNTVjYThkNGExMmExYWE3YTp7ImNvdW50cnkiOiJDQSIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYVNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYSIsInF1ZXJ5IjoiL29wZXJhL3N0YWJsZS93aW5kb3dzP2h0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZkdWNrZHVja2dvLmNvbSUyRiZ1dG1fc2l0ZT1vcGVyYV9jb20mdXRtX2xhc3RwYWdlPW9wZXJhLmNvbSUyRiZkbF90b2tlbj0zMDA2NDczOCIsInRpbWVzdGFtcCI6IjE3MTg0MTYzNTEuNjc3OCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEyNy4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEyNy4wIiwidXRtIjp7Imxhc3RwYWdlIjoib3BlcmEuY29tLyIsInNpdGUiOiJvcGVyYV9jb20ifSwidXVpZCI6IjI1OTg2NmMxLWZhZTItNDcxYi1iYjJkLWRlZDFiNTkzZDkzOSJ9C:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exe
OperaSetup.exe
User:
admin
Company:
Opera Software
Integrity Level:
MEDIUM
Description:
Opera Installer
Version:
111.0.5168.25
Modules
Images
c:\users\admin\appdata\local\temp\7zsc7102a61\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\acgenral.dll
Total events
4 214
Read events
4 202
Write events
12
Delete events
0

Modification events

(PID) Process:(5244) setup.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
Operation:writeName:CachePrefix
Value:
(PID) Process:(5244) setup.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies
Operation:writeName:CachePrefix
Value:
Cookie:
(PID) Process:(5244) setup.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History
Operation:writeName:CachePrefix
Value:
Visited:
(PID) Process:(5244) setup.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:ProxyBypass
Value:
1
(PID) Process:(5244) setup.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:IntranetName
Value:
1
(PID) Process:(5244) setup.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:UNCAsIntranet
Value:
1
(PID) Process:(5244) setup.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:AutoDetect
Value:
0
(PID) Process:(2876) setup.exeKey:HKEY_CURRENT_USER\SOFTWARE\Opera Software
Operation:writeName:Last Stable Install Path
Value:
C:\Users\admin\AppData\Local\Programs\Opera\
Executable files
7
Suspicious files
2
Text files
0
Unknown types
0

Dropped files

PID
Process
Filename
Type
5244setup.exeC:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\AH8CR9J5\features[1].jsonbinary
MD5:0167E57585823E4D7FEAAED4D5D47D10
SHA256:2A15166EF77191A46FBF27D354E29DA462E0CD3A2D7C7C123A510D1E6231669A
5244setup.exeC:\Users\admin\AppData\Local\Temp\Opera_installer_2406150152535175244.dllexecutable
MD5:B05A49FE0B700420401974A62CEA7BE6
SHA256:12F8A3F3569CECD209E1A6E229E7E6C3D130AB1694FDF71C10D5E3B5154BA703
5244setup.exeC:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exeexecutable
MD5:6A39877ABA485CD09C090E4E24F53DE6
SHA256:2DABA944E443AEA09F4D50A0AC5EA2A6BB85B6F861C83C1BBD284E6D81E8A7E3
4232setup.exeC:\Users\admin\AppData\Local\Temp\Opera_installer_2406150152540964232.dllexecutable
MD5:B05A49FE0B700420401974A62CEA7BE6
SHA256:12F8A3F3569CECD209E1A6E229E7E6C3D130AB1694FDF71C10D5E3B5154BA703
2876setup.exeC:\Users\admin\AppData\Local\Temp\Opera_installer_2406150153006272876.dllexecutable
MD5:B05A49FE0B700420401974A62CEA7BE6
SHA256:12F8A3F3569CECD209E1A6E229E7E6C3D130AB1694FDF71C10D5E3B5154BA703
4280setup.exeC:\Users\admin\AppData\Local\Temp\Opera_installer_2406150152538144280.dllexecutable
MD5:B05A49FE0B700420401974A62CEA7BE6
SHA256:12F8A3F3569CECD209E1A6E229E7E6C3D130AB1694FDF71C10D5E3B5154BA703
380OperaSetup.exeC:\Users\admin\AppData\Local\Temp\7zSC7102A61\setup.exeexecutable
MD5:6A39877ABA485CD09C090E4E24F53DE6
SHA256:2DABA944E443AEA09F4D50A0AC5EA2A6BB85B6F861C83C1BBD284E6D81E8A7E3
5244setup.exeC:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.datbinary
MD5:CC909715D995B7F9B9D21BBF253221BE
SHA256:46C29B6D458AC70CCC9D50B486610A9399ECC2D2874FBEF5E8C2B38FF15CEA35
4960setup.exeC:\Users\admin\AppData\Local\Temp\Opera_installer_2406150153008144960.dllexecutable
MD5:B05A49FE0B700420401974A62CEA7BE6
SHA256:12F8A3F3569CECD209E1A6E229E7E6C3D130AB1694FDF71C10D5E3B5154BA703
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
27
TCP/UDP connections
39
DNS requests
11
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
5504
svchost.exe
GET
200
95.101.63.66:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
unknown
5140
MoUsoCoreWorker.exe
GET
200
95.101.63.66:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
unknown
5548
RUXIMICS.exe
GET
200
95.101.63.66:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
unknown
5504
svchost.exe
GET
200
2.19.217.218:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
unknown
5548
RUXIMICS.exe
GET
200
2.19.217.218:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
unknown
5140
MoUsoCoreWorker.exe
GET
200
2.19.217.218:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
unknown
GET
302
3.66.144.173:443
https://download.opera.com/download/get/?id=66429&autoupdate=1&ni=1&stream=stable&utm_lastpage=opera.com/&utm_site=opera_com&niuid=259866c1-fae2-471b-bb2d-ded1b593d939
unknown
GET
2.17.113.91:443
https://download3.operacdn.com/ftp/pub/opera/desktop/111.0.5168.25/win/Opera_111.0.5168.25_Autoupdate_x64.exe
unknown
GET
302
18.195.150.72:443
https://download.opera.com/download/get/?id=66429&autoupdate=1&ni=1&stream=stable&utm_lastpage=opera.com/&utm_site=opera_com&niuid=259866c1-fae2-471b-bb2d-ded1b593d939
unknown
GET
104.18.10.89:443
https://download5.operacdn.com/ftp/pub/opera/desktop/111.0.5168.25/win/Opera_111.0.5168.25_Autoupdate_x64.exe
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:138
whitelisted
4364
svchost.exe
239.255.255.250:1900
unknown
5504
svchost.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
5548
RUXIMICS.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
5140
MoUsoCoreWorker.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
5504
svchost.exe
95.101.63.66:80
crl.microsoft.com
Akamai International B.V.
GB
unknown
5140
MoUsoCoreWorker.exe
95.101.63.66:80
crl.microsoft.com
Akamai International B.V.
GB
unknown
5548
RUXIMICS.exe
95.101.63.66:80
crl.microsoft.com
Akamai International B.V.
GB
unknown
5504
svchost.exe
2.19.217.218:80
www.microsoft.com
Akamai International B.V.
NL
unknown
5244
setup.exe
82.145.216.19:443
autoupdate.geo.opera.com
Opera Software AS
NO
unknown

DNS requests

Domain
IP
Reputation
crl.microsoft.com
  • 95.101.63.66
  • 72.247.176.73
whitelisted
www.microsoft.com
  • 2.19.217.218
whitelisted
autoupdate.geo.opera.com
  • 82.145.216.19
  • 82.145.216.20
whitelisted
desktop-netinstaller-sub.osp.opera.software
  • 82.145.217.121
whitelisted
settings-win.data.microsoft.com
  • 51.124.78.146
whitelisted
features.opera-api2.com
  • 82.145.216.15
  • 82.145.216.16
malicious
download.opera.com
  • 82.145.216.23
  • 82.145.216.24
whitelisted
download3.operacdn.com
  • 2.17.113.91
  • 2.17.113.74
whitelisted
download5.operacdn.com
  • 104.18.10.89
  • 104.18.11.89
malicious
get.geo.opera.com
  • 185.26.182.72
  • 185.26.182.71
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
OperaSetup.exe