File name:

Mediatek SP Driver v5.1632 Setup.exe

Full analysis: https://app.any.run/tasks/071c3b67-f026-45c8-86ef-4f00e920a1a7
Verdict: Malicious activity
Analysis date: November 18, 2023, 10:00:51
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: 2864E74DDBEE0511DC655A73D2B96F2E
SHA1: BAA9D261DCBAA6A30B639C89E5208D78D0E20975
SHA256: D9F2B3469BF9FEB804C30767ECFFB9A63E21C79CD3DD1B11A1D04080B130B8C8
SSDEEP: 98304:w37Ha662gdLJ/FUAe3VmQqvp6douaEVHZ4pb0QFhw/WBh5ypDKArIkHQceDKS9/d:RiMzhGqFWkjqVzmKXJquRQtYlKx

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • Mediatek SP Driver v5.1632 Setup.exe (PID: 3276)
      • Mediatek SP Driver v5.1632 Setup.exe (PID: 2912)
      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3580)
      • install32.exe (PID: 3688)
      • drvinst.exe (PID: 3864)
      • drvinst.exe (PID: 3912)
      • mtk_etw_log.exe (PID: 2544)
    • Creates files in the Startup directory

      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3580)
    • Creates a writable file in the system directory

      • drvinst.exe (PID: 3864)
      • drvinst.exe (PID: 3912)
      • drvinst.exe (PID: 3988)
      • drvinst.exe (PID: 3724)
      • drvinst.exe (PID: 4072)
      • drvinst.exe (PID: 2028)
      • drvinst.exe (PID: 4004)
      • logman.exe (PID: 1848)
      • mtk_etw_log.exe (PID: 2544)
  • SUSPICIOUS

    • Reads the Windows owner or organization settings

      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3580)
    • Process drops legitimate windows executable

      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3580)
      • install32.exe (PID: 3688)
      • drvinst.exe (PID: 3912)
    • Drops a system driver (possible attempt to evade defenses)

      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3580)
      • install32.exe (PID: 3688)
      • drvinst.exe (PID: 3864)
    • Checks Windows Trust Settings

      • drvinst.exe (PID: 3864)
      • drvinst.exe (PID: 3912)
      • drvinst.exe (PID: 3988)
      • drvinst.exe (PID: 3724)
      • drvinst.exe (PID: 4004)
    • Creates files in the driver directory

      • drvinst.exe (PID: 3864)
      • drvinst.exe (PID: 3912)
      • drvinst.exe (PID: 3724)
      • drvinst.exe (PID: 3988)
      • drvinst.exe (PID: 4004)
      • drvinst.exe (PID: 4072)
      • drvinst.exe (PID: 2028)
    • Executes as Windows Service

      • VSSVC.exe (PID: 3712)
    • The process creates files with name similar to system file names

      • mtk_etw_log.exe (PID: 2544)
    • Malware-specific behavior (creating "System.dll" in Temp)

      • mtk_etw_log.exe (PID: 2544)
    • Starts application with an unusual extension

      • mtk_etw_log.exe (PID: 2544)
  • INFO

    • Reads the computer name

      • wmpnscfg.exe (PID: 3440)
      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3164)
      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3580)
      • install32.exe (PID: 3688)
      • drvinst.exe (PID: 3864)
      • drvinst.exe (PID: 3912)
      • drvinst.exe (PID: 3724)
      • drvinst.exe (PID: 3988)
      • drvinst.exe (PID: 4004)
      • drvinst.exe (PID: 2028)
      • mtk_etw_log.exe (PID: 2544)
      • drvinst.exe (PID: 4072)
    • Checks supported languages

      • Mediatek SP Driver v5.1632 Setup.exe (PID: 2912)
      • wmpnscfg.exe (PID: 3440)
      • Mediatek SP Driver v5.1632 Setup.exe (PID: 3276)
      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3164)
      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3580)
      • drvinst.exe (PID: 3864)
      • drvinst.exe (PID: 3912)
      • install32.exe (PID: 3688)
      • drvinst.exe (PID: 3988)
      • drvinst.exe (PID: 3724)
      • drvinst.exe (PID: 4004)
      • drvinst.exe (PID: 4072)
      • drvinst.exe (PID: 2028)
      • mtk_etw_log.exe (PID: 2544)
      • ns3149.tmp (PID: 2736)
    • Reads the machine GUID from the registry

      • wmpnscfg.exe (PID: 3440)
      • install32.exe (PID: 3688)
      • drvinst.exe (PID: 3864)
      • drvinst.exe (PID: 3912)
      • drvinst.exe (PID: 3988)
      • drvinst.exe (PID: 3724)
      • drvinst.exe (PID: 4004)
      • drvinst.exe (PID: 4072)
      • drvinst.exe (PID: 2028)
    • Creates files in a temporary directory

      • Mediatek SP Driver v5.1632 Setup.exe (PID: 3276)
      • Mediatek SP Driver v5.1632 Setup.exe (PID: 2912)
      • install32.exe (PID: 3688)
      • mtk_etw_log.exe (PID: 2544)
    • Creates files in the program directory

      • Mediatek SP Driver v5.1632 Setup.tmp (PID: 3580)
      • mtk_etw_log.exe (PID: 2544)
No Malware configuration.

TRiD

.exe | Inno Setup installer (77.7)
.exe | Win32 Executable Delphi generic (10)
.dll | Win32 Dynamic Link Library (generic) (4.6)
.exe | Win32 Executable (generic) (3.1)
.exe | Win16/32 Executable Delphi generic (1.4)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 1992:06:20 00:22:17+02:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
PEType: PE32
LinkerVersion: 2.25
CodeSize: 41472
InitializedDataSize: 17920
UninitializedDataSize: -
EntryPoint: 0xaa98
OSVersion: 1
ImageVersion: 6
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 5.16.32.4
ProductVersionNumber: 5.16.32.4
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: This installation was built with Inno Setup.
CompanyName: MediaTek.Inc.
FileDescription: MediaTek SP Driver Setup
FileVersion: 5.16.32.04
LegalCopyright: CopyRight © 2016 Media Tek Inc.
ProductName: MediaTek SP Driver
ProductVersion: 5.16.32.04
No data.
Total processes: 60
Monitored processes: 19
Malicious processes: 13
Suspicious processes: 0

Behavior graph

Process nodes, in graph order:
  • start
  • mediatek sp driver v5.1632 setup.exe (no specs)
  • mediatek sp driver v5.1632 setup.tmp (no specs)
  • mediatek sp driver v5.1632 setup.exe
  • mediatek sp driver v5.1632 setup.tmp
  • install32.exe (no specs)
  • drvinst.exe (no specs)
  • drvinst.exe (no specs)
  • drvinst.exe (no specs)
  • drvinst.exe (no specs)
  • drvinst.exe (no specs)
  • drvinst.exe (no specs)
  • rundll32.exe (no specs)
  • vssvc.exe (no specs)
  • drvinst.exe (no specs)
  • rundll32.exe (no specs)
  • mtk_etw_log.exe (no specs)
  • ns3149.tmp (no specs)
  • logman.exe (no specs)
  • wmpnscfg.exe (no specs)

Process information

PID
CMD
Path
Indicators
Parent process
PID: 1848
CMD: logman.exe create trace MediaTek_COM_LOG_INIT -mode 0x8002 -ln MediaTek_COM_LOG_INIT -max 512 -ft 1 -o C:\Windows\system32\LogFiles\WMI\MediaTek\COM_LOG.etl.001 -p {8ffa488b-07d9-4ef5-b1b2-a0bea188dc1b} 0xffffff 4 -f bin -a -ets
Path: C:\Windows\System32\logman.exe
Parent process: ns3149.tmp
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Performance Log Utility
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\logman.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
PID: 1944
CMD: rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 10 Global\{28b95c67-f2a0-7f36-30cd-526a06ea9f6b} Global\{6297af6b-cf12-3ad7-344c-f42c6c8cb87a} C:\Windows\System32\DriverStore\Temp\{57e2a42e-9cc4-5987-a04e-2f1f488bc16e}\wpdmtp.inf
Path: C:\Windows\System32\rundll32.exe
Parent process: drvinst.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows host process (Rundll32)
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\rundll32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imagehlp.dll
PID: 2028
CMD: DrvInst.exe "4" "0" "C:\Users\admin\AppData\Local\Temp\{7be97746-cef6-05c2-c77c-bb394e6f5a21}\wpdmtp.inf" "0" "66c8dc0df" "0000054C" "WinSta0\Default" "000004AC" "208" "C:\Program Files\MediaTek\SP Driver\drv"
Path: C:\Windows\System32\drvinst.exe
Parent process: svchost.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Driver Installation Module
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\drvinst.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
PID: 2544
CMD: "C:\Program Files\MediaTek\SP Driver\Tools\mtk_etw_log.exe" /S /Vendor=MediaTek /LoggerName=COM_LOG /MaxFileSize=512 /FileMax=10 /Guid=8ffa488b-07d9-4ef5-b1b2-a0bea188dc1b /EnableLevel=4 /EnableFlags=0xffffff /D="C:\Program Files\MediaTek\SP Driver\.."
Path: C:\Program Files\MediaTek\SP Driver\Tools\mtk_etw_log.exe
Parent process: Mediatek SP Driver v5.1632 Setup.tmp
User:
admin
Company:
MediaTek
Integrity Level:
HIGH
Exit code:
0
Version:
1.12.44.1
Modules
Images
c:\program files\mediatek\sp driver\tools\mtk_etw_log.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
PID: 2736
CMD: "C:\Users\admin\AppData\Local\Temp\nsp2FC2.tmp\ns3149.tmp" logman.exe create trace MediaTek_COM_LOG_INIT -mode 0x8002 -ln MediaTek_COM_LOG_INIT -max 512 -ft 1 -o C:\Windows\system32\LogFiles\WMI\MediaTek\COM_LOG.etl.001 -p {8ffa488b-07d9-4ef5-b1b2-a0bea188dc1b} 0xffffff 4 -f bin -a -ets
Path: C:\Users\admin\AppData\Local\Temp\nsp2FC2.tmp\ns3149.tmp
Parent process: mtk_etw_log.exe
User:
admin
Integrity Level:
HIGH
Exit code:
0
Modules
Images
c:\users\admin\appdata\local\temp\nsp2fc2.tmp\ns3149.tmp
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
PID: 2912
CMD: "C:\Users\admin\AppData\Local\Temp\Mediatek SP Driver v5.1632 Setup.exe"
Path: C:\Users\admin\AppData\Local\Temp\Mediatek SP Driver v5.1632 Setup.exe
Parent process: explorer.exe
User:
admin
Company:
MediaTek.Inc.
Integrity Level:
MEDIUM
Description:
MediaTek SP Driver Setup
Exit code:
0
Version:
5.16.32.04
Modules
Images
c:\users\admin\appdata\local\temp\mediatek sp driver v5.1632 setup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
PID: 3164
CMD: "C:\Users\admin\AppData\Local\Temp\is-7EKVQ.tmp\Mediatek SP Driver v5.1632 Setup.tmp" /SL5="$70134,9055663,57856,C:\Users\admin\AppData\Local\Temp\Mediatek SP Driver v5.1632 Setup.exe"
Path: C:\Users\admin\AppData\Local\Temp\is-7EKVQ.tmp\Mediatek SP Driver v5.1632 Setup.tmp
Parent process: Mediatek SP Driver v5.1632 Setup.exe
User:
admin
Integrity Level:
MEDIUM
Description:
Setup/Uninstall
Exit code:
0
Version:
51.52.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-7ekvq.tmp\mediatek sp driver v5.1632 setup.tmp
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
PID: 3276
CMD: "C:\Users\admin\AppData\Local\Temp\Mediatek SP Driver v5.1632 Setup.exe" /SPAWNWND=$401F4 /NOTIFYWND=$70134
Path: C:\Users\admin\AppData\Local\Temp\Mediatek SP Driver v5.1632 Setup.exe
Parent process: Mediatek SP Driver v5.1632 Setup.tmp
User:
admin
Company:
MediaTek.Inc.
Integrity Level:
HIGH
Description:
MediaTek SP Driver Setup
Exit code:
0
Version:
5.16.32.04
Modules
Images
c:\users\admin\appdata\local\temp\mediatek sp driver v5.1632 setup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
PID: 3440
CMD: "C:\Program Files\Windows Media Player\wmpnscfg.exe"
Path: C:\Program Files\Windows Media Player\wmpnscfg.exe
Parent process: explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Media Player Network Sharing Service Configuration Application
Exit code:
0
Version:
12.0.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\program files\windows media player\wmpnscfg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\ole32.dll
PID: 3580
CMD: "C:\Users\admin\AppData\Local\Temp\is-VS9DV.tmp\Mediatek SP Driver v5.1632 Setup.tmp" /SL5="$601F6,9055663,57856,C:\Users\admin\AppData\Local\Temp\Mediatek SP Driver v5.1632 Setup.exe" /SPAWNWND=$401F4 /NOTIFYWND=$70134
Path: C:\Users\admin\AppData\Local\Temp\is-VS9DV.tmp\Mediatek SP Driver v5.1632 Setup.tmp
Parent process: Mediatek SP Driver v5.1632 Setup.exe
User:
admin
Integrity Level:
HIGH
Description:
Setup/Uninstall
Exit code:
0
Version:
51.52.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-vs9dv.tmp\mediatek sp driver v5.1632 setup.tmp
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
Total events: 17 802
Read events: 17 561
Write events: 231
Delete events: 10

Modification events

(PID) Process: (3440) wmpnscfg.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\{A0907C2E-F2EF-45EA-8FF7-09F391F5C737}\{857FCC3A-0758-40BD-AF81-EBA324CC6E41}
Operation: delete key
Name: (default)
Value:

(PID) Process: (3440) wmpnscfg.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\{A0907C2E-F2EF-45EA-8FF7-09F391F5C737}
Operation: delete key
Name: (default)
Value:

(PID) Process: (3440) wmpnscfg.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Health\{622543A4-75A1-49AC-B1EB-13369586EEDA}
Operation: delete key
Name: (default)
Value:

(PID) Process: (3688) install32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\17A\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3864) drvinst.exe
Key: HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\17A\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3912) drvinst.exe
Key: HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\17A\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3988) drvinst.exe
Key: HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\17A\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3724) drvinst.exe
Key: HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\17A\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (4004) drvinst.exe
Key: HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\17A\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (4072) drvinst.exe
Key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
Operation: write
Name: SrCreateRp (Enter)
Value:
4000000000000000F2B487BA16B0D901C80700002C0A0000D5070000000000000000000000000000000000000000000000000000000000000000000000000000
Executable files: 51
Suspicious files: 126
Text files: 12
Unknown types: 0

Dropped files

PID
Process
Filename
Type
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\is-OJ800.tmp
Type: executable
MD5:4475269E8F6E70A19E5DA80A8AE2E841
SHA256:A161D131C0D8906E29FC409B57A16C8DAE4D4732028541F97E5EC16CF8341C64
PID: 3276
Process: Mediatek SP Driver v5.1632 Setup.exe
Filename: C:\Users\admin\AppData\Local\Temp\is-VS9DV.tmp\Mediatek SP Driver v5.1632 Setup.tmp
Type: executable
MD5:832DAB307E54AA08F4B6CDD9B9720361
SHA256:CC783A04CCBCA4EDD06564F8EC88FE5A15F1E3BB26CEC7DE5E090313520D98F3
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\Manual\DPInst.txt
Type: text
MD5:3E1FA562CA665BBD07120FBA098AE041
SHA256:3CBEBCC7794B4FD76935764A7EE9DB67AEBF9DBDE3B01CC07920C0041D8C0289
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\Manual\is-3FB84.tmp
Type: text
MD5:3E1FA562CA665BBD07120FBA098AE041
SHA256:3CBEBCC7794B4FD76935764A7EE9DB67AEBF9DBDE3B01CC07920C0041D8C0289
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\drv\tetherxp.inf
Type: binary
MD5:09D8F3463500DE1A90F00766C2FC62FC
SHA256:D1FEE1B1B80C509378BA308CFACB44F5700621228480AC39461399C5063CE9EE
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\drv\is-AOB1L.tmp
Type: binary
MD5:4DC3CD2A09557ABCA0A072C0B6D74D40
SHA256:C39C9DD8644262D0741969C6D69780BF4DCC1147DB8E6799D34AB687ECF15003
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\drv\is-C8KQ0.tmp
Type: binary
MD5:09D8F3463500DE1A90F00766C2FC62FC
SHA256:D1FEE1B1B80C509378BA308CFACB44F5700621228480AC39461399C5063CE9EE
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\drv\wpdmtp.inf
Type: binary
MD5:4DC3CD2A09557ABCA0A072C0B6D74D40
SHA256:C39C9DD8644262D0741969C6D69780BF4DCC1147DB8E6799D34AB687ECF15003
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\drv\Android\is-OJ2F6.tmp
Type: binary
MD5:38BFD11924FA446AAFA6F4C121D143CA
SHA256:DFF9D8A8C0C65BCFE6CC76ACEBA6F541692D3E835C26019FB73470084C0FBA31
PID: 3580
Process: Mediatek SP Driver v5.1632 Setup.tmp
Filename: C:\Program Files\MediaTek\SP Driver\unins000.exe
Type: executable
MD5:4475269E8F6E70A19E5DA80A8AE2E841
SHA256:A161D131C0D8906E29FC409B57A16C8DAE4D4732028541F97E5EC16CF8341C64
HTTP(S) requests: 0
TCP/UDP connections: 5
DNS requests: 0
Threats: 0

HTTP requests

No HTTP requests

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
4 | System | 192.168.100.255:137 | - | - | - | whitelisted
1080 | svchost.exe | 224.0.0.252:5355 | - | - | - | unknown
4 | System | 192.168.100.255:138 | - | - | - | whitelisted
2588 | svchost.exe | 239.255.255.250:1900 | - | - | - | whitelisted

DNS requests

No data

Threats

No threats detected
No debug info