File name:

free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe

Full analysis: https://app.any.run/tasks/1bcee720-05c7-4e2f-a1aa-cd658e925972
Verdict: Malicious activity
Analysis date: January 10, 2025, 21:59:05
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
MD5:

B776B2146AF1AE4D17D1E5CD5A808228

SHA1:

28E9A3E892D02637C1999EE19AFC29EA62CB0B5B

SHA256:

DD89DA675066D066FD33C1D08AE724876FA7E8C103219C64F3368064A7A122D3

SSDEEP:

98304:jPIRMu5DUrszskSGjKuV3XNr/g4T6Gq+flu+e7ce/Unba+O+CB3jD9hlI:k

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • free-easy-m4a-to-mp3-converter-7.8.1-installer.exe (PID: 6960)
      • free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp (PID: 6988)

    • Reads security settings of Internet Explorer

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • FreeEasyM4AtoMP3Converter.exe (PID: 6172)

    • Process drops legitimate windows executable

      • free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp (PID: 6988)

    • Reads the Windows owner or organization settings

      • free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp (PID: 6988)

    • Checks Windows Trust Settings

      • FreeEasyM4AtoMP3Converter.exe (PID: 6172)

  • INFO

    • The sample compiled with english language support

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp (PID: 6988)

    • Checks supported languages

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • free-easy-m4a-to-mp3-converter-7.8.1-installer.exe (PID: 6960)
      • FreeEasyM4AtoMP3Converter.exe (PID: 6172)
      • goup.exe (PID: 2744)
      • free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp (PID: 6988)

    • Reads the computer name

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp (PID: 6988)

    • Reads the machine GUID from the registry

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • FreeEasyM4AtoMP3Converter.exe (PID: 6172)

    • Checks proxy server information

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • FreeEasyM4AtoMP3Converter.exe (PID: 6172)

    • Reads the software policy settings

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • FreeEasyM4AtoMP3Converter.exe (PID: 6172)

    • Sends debugging messages

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)

    • Process checks computer location settings

      • free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe (PID: 6232)
      • FreeEasyM4AtoMP3Converter.exe (PID: 6172)

    • Creates files in the program directory

      • free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp (PID: 6988)

    • Creates files or folders in the user directory

      • FreeEasyM4AtoMP3Converter.exe (PID: 6172)

    • Create files in a temporary directory

      • free-easy-m4a-to-mp3-converter-7.8.1-installer.exe (PID: 6960)
      • free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp (PID: 6988)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win64 Executable (generic) (17.3)
.dll | Win32 Dynamic Link Library (generic) (4.1)
.exe | Win32 Executable (generic) (2.8)
.exe | Generic Win/DOS Executable (1.2)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2024:10:31 15:24:12+00:00
ImageFileCharacteristics: Executable, 32-bit
PEType: PE32
LinkerVersion: 14.42
CodeSize: 2143744
InitializedDataSize: 2316288
UninitializedDataSize: -
EntryPoint: 0x1c118b
OSVersion: 6
ImageVersion: -
SubsystemVersion: 6
Subsystem: Windows GUI
FileVersionNumber: 3.0.11.0
ProductVersionNumber: 3.0.11.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Windows NT 32-bit
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Unicode
CompanyName: Softonic
FileDescription: Softonic
FileVersion: 3.0.11.0.0
LegalCopyright: (c) Softonic
ProductName: Softonic
ProductVersion: 3.0.11.0.0
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
131
Monitored processes
6
Malicious processes
1
Suspicious processes
2

Behavior graph

Click at the process to see the details
start free-easy-m4a-to-mp3-converter-7.8.1-installer_8nagh-2.exe free-easy-m4a-to-mp3-converter-7.8.1-installer.exe free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp freeeasym4atomp3converter.exe goup.exe free-easy-m4a-to-mp3-converter-7.8.1-installer_8nagh-2.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
2744"C:\Program Files (x86)\Free Easy M4A to MP3 Converter\goup.exe" C:\Program Files (x86)\Free Easy M4A to MP3 Converter\goup.exe
FreeEasyM4AtoMP3Converter.exe
User:
admin
Integrity Level:
HIGH
Exit code:
0
Modules
Images
c:\program files (x86)\free easy m4a to mp3 converter\goup.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
5916"C:\Users\admin\AppData\Local\Temp\free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe" C:\Users\admin\AppData\Local\Temp\free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exeexplorer.exe
User:
admin
Company:
Softonic
Integrity Level:
MEDIUM
Description:
Softonic
Exit code:
3221226540
Version:
3.0.11.0.0
Modules
Images
c:\users\admin\appdata\local\temp\free-easy-m4a-to-mp3-converter-7.8.1-installer_8nagh-2.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
6172"C:\Program Files (x86)\Free Easy M4A to MP3 Converter\FreeEasyM4AtoMP3Converter.exe"C:\Program Files (x86)\Free Easy M4A to MP3 Converter\FreeEasyM4AtoMP3Converter.exe
free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp
User:
admin
Integrity Level:
HIGH
Modules
Images
c:\program files (x86)\free easy m4a to mp3 converter\freeeasym4atomp3converter.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
6232"C:\Users\admin\AppData\Local\Temp\free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe" C:\Users\admin\AppData\Local\Temp\free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe
explorer.exe
User:
admin
Company:
Softonic
Integrity Level:
HIGH
Description:
Softonic
Exit code:
0
Version:
3.0.11.0.0
Modules
Images
c:\users\admin\appdata\local\temp\free-easy-m4a-to-mp3-converter-7.8.1-installer_8nagh-2.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
6960"C:\Users\admin\Downloads\free-easy-m4a-to-mp3-converter-7.8.1-installer.exe" C:\Users\admin\Downloads\free-easy-m4a-to-mp3-converter-7.8.1-installer.exe
free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe
User:
admin
Company:
Freeease.net.
Integrity Level:
HIGH
Description:
Free Easy M4A to MP3 Converter Setup
Exit code:
0
Version:
Modules
Images
c:\users\admin\downloads\free-easy-m4a-to-mp3-converter-7.8.1-installer.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
6988"C:\Users\admin\AppData\Local\Temp\is-PHLEV.tmp\free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp" /SL5="$6035E,4855342,56832,C:\Users\admin\Downloads\free-easy-m4a-to-mp3-converter-7.8.1-installer.exe" C:\Users\admin\AppData\Local\Temp\is-PHLEV.tmp\free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp
free-easy-m4a-to-mp3-converter-7.8.1-installer.exe
User:
admin
Integrity Level:
HIGH
Description:
Setup/Uninstall
Exit code:
0
Version:
51.52.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-phlev.tmp\free-easy-m4a-to-mp3-converter-7.8.1-installer.tmp
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
Total events
5 023
Read events
5 004
Write events
19
Delete events
0

Modification events

(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:Inno Setup: Setup Version
Value:
5.5.5 (a)
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:Inno Setup: App Path
Value:
C:\Program Files (x86)\Free Easy M4A to MP3 Converter
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:InstallLocation
Value:
C:\Program Files (x86)\Free Easy M4A to MP3 Converter\
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:Inno Setup: Icon Group
Value:
Free Easy M4A to MP3 Converter
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:Inno Setup: User
Value:
admin
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:Inno Setup: Selected Tasks
Value:
adddesk,addstartmenu,addquicklaunch
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:Inno Setup: Deselected Tasks
Value:
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:Inno Setup: Language
Value:
en
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:DisplayName
Value:
Free Easy M4A to MP3 Converter 7.8.1
(PID) Process:(6988) free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Easy M4A to MP3 Converter_is1
Operation:writeName:UninstallString
Value:
"C:\Program Files (x86)\Free Easy M4A to MP3 Converter\unins000.exe"
Executable files
26
Suspicious files
11
Text files
37
Unknown types
1

Dropped files

PID
Process
Filename
Type
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Program Files (x86)\Free Easy M4A to MP3 Converter\lib\is-70A5R.tmpexecutable
MD5:3C1BCE4D0AA5BCD8FE9217079C360B4C
SHA256:8A6A1BEE64B29985398784C8897C6271D5378B3F89F38FE7F728E509BBCE6B5E
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Program Files (x86)\Free Easy M4A to MP3 Converter\unins000.exeexecutable
MD5:25661B092B62715A9A5EB2C30A1AD3AE
SHA256:083F5A881F1DAB3ECFF42AD7CC58884430D5ED7347ECE2A1EC6A2E230C64FC2F
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Program Files (x86)\Free Easy M4A to MP3 Converter\lib\avcodec-52.dllexecutable
MD5:56F4A5F65C0801363B6F13355E59236D
SHA256:6A3354642A9FD04C98B0146429DB2A38CFE56824F725F38F1592F3C76ED6B8CE
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Program Files (x86)\Free Easy M4A to MP3 Converter\lib\is-QTHAC.tmpexecutable
MD5:56F4A5F65C0801363B6F13355E59236D
SHA256:6A3354642A9FD04C98B0146429DB2A38CFE56824F725F38F1592F3C76ED6B8CE
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Users\admin\AppData\Local\Temp\is-74DQC.tmp\_isetup\_shfoldr.dllexecutable
MD5:92DC6EF532FBB4A5C3201469A5B5EB63
SHA256:9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87
6960free-easy-m4a-to-mp3-converter-7.8.1-installer.exeC:\Users\admin\AppData\Local\Temp\is-PHLEV.tmp\free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpexecutable
MD5:9303156631EE2436DB23827E27337BE4
SHA256:BAE22F27C12BCE1FAEB64B6EB733302AFF5867BAA8EED832397A7CE284A86FF4
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Program Files (x86)\Free Easy M4A to MP3 Converter\lib\is-L39F3.tmpexecutable
MD5:843BE18112BE148F9817B9F8A7050A10
SHA256:8ECDDB3A72CE3842C237F7CF26D2FAA152C31CC3CDD02C79DDFF2FF2B0F7C977
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Users\admin\AppData\Local\Temp\is-74DQC.tmp\_isetup\_setup64.tmpexecutable
MD5:526426126AE5D326D0A24706C77D8C5C
SHA256:B20A8D88C550981137ED831F2015F5F11517AEB649C29642D9D61DEA5EBC37D1
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Program Files (x86)\Free Easy M4A to MP3 Converter\lib\avcore-0.dllexecutable
MD5:843BE18112BE148F9817B9F8A7050A10
SHA256:8ECDDB3A72CE3842C237F7CF26D2FAA152C31CC3CDD02C79DDFF2FF2B0F7C977
6988free-easy-m4a-to-mp3-converter-7.8.1-installer.tmpC:\Program Files (x86)\Free Easy M4A to MP3 Converter\lib\avdevice-52.dllexecutable
MD5:7D9C927DD8E1A90CCCFC76AFAF0F4084
SHA256:730F3C1106AAAC11B3D6ACD7A9FB8F138FE5B01FCD62BA347756164251FBB2B4
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
18
TCP/UDP connections
58
DNS requests
21
Threats
7

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
4712
MoUsoCoreWorker.exe
GET
200
23.48.23.173:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
GET
200
23.48.23.173:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
4712
MoUsoCoreWorker.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
GET
200
23.48.23.173:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
1176
svchost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
5064
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
6172
FreeEasyM4AtoMP3Converter.exe
GET
302
45.56.127.75:80
http://www.cacheflyserver.com/ad/bundleCO/freeease.net.dat
unknown
malicious
6220
backgroundTaskHost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
40.127.240.158:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:137
whitelisted
4712
MoUsoCoreWorker.exe
23.48.23.173:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
23.48.23.173:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
4712
MoUsoCoreWorker.exe
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
4
System
192.168.100.255:138
whitelisted
5064
SearchApp.exe
104.126.37.137:443
www.bing.com
Akamai International B.V.
DE
whitelisted
1176
svchost.exe
20.190.159.75:443
login.live.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
1176
svchost.exe
192.229.221.95:80
ocsp.digicert.com
EDGECAST
US
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 40.127.240.158
  • 51.104.136.2
whitelisted
crl.microsoft.com
  • 23.48.23.173
  • 23.48.23.167
  • 23.48.23.180
  • 23.48.23.143
  • 23.48.23.177
whitelisted
google.com
  • 142.250.186.142
whitelisted
www.microsoft.com
  • 184.30.21.171
whitelisted
www.bing.com
  • 104.126.37.137
  • 104.126.37.152
  • 104.126.37.146
  • 104.126.37.131
  • 104.126.37.145
  • 104.126.37.130
  • 104.126.37.123
  • 104.126.37.129
  • 104.126.37.139
whitelisted
login.live.com
  • 20.190.159.75
  • 40.126.31.71
  • 40.126.31.73
  • 20.190.159.2
  • 20.190.159.71
  • 20.190.159.4
  • 40.126.31.67
  • 20.190.159.68
whitelisted
ocsp.digicert.com
  • 192.229.221.95
whitelisted
go.microsoft.com
  • 23.35.238.131
whitelisted
di7e1j5f1plfo.cloudfront.net
  • 18.245.78.188
  • 18.245.78.145
  • 18.245.78.185
  • 18.245.78.212
whitelisted
images.sftcdn.net
  • 151.101.65.91
  • 151.101.129.91
  • 151.101.1.91
  • 151.101.193.91
whitelisted

Threats

PID
Process
Class
Message
6172
FreeEasyM4AtoMP3Converter.exe
A Network Trojan was detected
ET USER_AGENTS Suspicious User-Agent (Clever Internet Suite)
6172
FreeEasyM4AtoMP3Converter.exe
A Network Trojan was detected
ET USER_AGENTS Suspicious User-Agent (Clever Internet Suite)
2744
goup.exe
A Network Trojan was detected
ET USER_AGENTS Suspicious User-Agent (Clever Internet Suite)
6172
FreeEasyM4AtoMP3Converter.exe
A Network Trojan was detected
ET USER_AGENTS Suspicious User-Agent (Clever Internet Suite)
6172
FreeEasyM4AtoMP3Converter.exe
A Network Trojan was detected
ET USER_AGENTS Suspicious User-Agent (Clever Internet Suite)
6172
FreeEasyM4AtoMP3Converter.exe
A Network Trojan was detected
ET USER_AGENTS Suspicious User-Agent (Clever Internet Suite)
6172
FreeEasyM4AtoMP3Converter.exe
A Network Trojan was detected
ET USER_AGENTS Suspicious User-Agent (Clever Internet Suite)
Process
Message
free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe
LoadingPage
free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe
WelcomePage
free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe
ProductPage
free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe
ProductPage
free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe
DownloadPageDLM
free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe
FinishPageDLM
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
free-easy-m4a-to-mp3-converter-7.8.1-installer_8NaGh-2.exe