File name:

Ultimate Windows Tweaker Pack.rar

Full analysis: https://app.any.run/tasks/895b3a62-3fe3-4feb-b876-3274f384cb7d
Verdict: Malicious activity
Analysis date: June 01, 2024, 14:11:56
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-rar
File info: RAR archive data, v5
MD5:

CE43620F81C1AC6644A6694B8CF3F00F

SHA1:

CD60E000D8F41D05D5D6404F556F52CB3B4AFF45

SHA256:

E1C803F0488A0B4E9E1B47FDCA446732790AA2FA24057158D189C6D4502D261B

SSDEEP:

24576:7SWSpXbv6+qEgx7JCqAoDGHg+bndWq75nfPYQv1:7tSpXbv6+qEgx7JZAoDGHjdWq75nfPYI

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • WinRAR.exe (PID: 3976)
    • Starts NET.EXE to view/add/change user profiles

      • cmd.exe (PID: 3676)
      • net.exe (PID: 3700)
      • cmd.exe (PID: 1640)
      • net.exe (PID: 3928)
    • Changes Windows Error Reporting flag

      • Ultimate Windows Tweaker.exe (PID: 1368)
    • Disables the Command Prompt (cmd)

      • Ultimate Windows Tweaker.exe (PID: 1368)
    • Changes the autorun value in the registry

      • Ultimate Windows Tweaker.exe (PID: 1368)
  • SUSPICIOUS

    • Starts CMD.EXE for commands execution

      • Ultimate Windows Tweaker.exe (PID: 1368)
    • Executes as Windows Service

      • VSSVC.exe (PID: 2188)
    • Searches for installed software

      • dllhost.exe (PID: 2136)
    • Reads the Windows owner or organization settings

      • Ultimate Windows Tweaker.exe (PID: 1368)
    • Reads the Internet Settings

      • Ultimate Windows Tweaker.exe (PID: 1368)
  • INFO

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 3976)
      • WinRAR.exe (PID: 2244)
      • WinRAR.exe (PID: 2732)
    • Drops the executable file immediately after the start

      • WinRAR.exe (PID: 2244)
      • msedge.exe (PID: 2796)
      • msedge.exe (PID: 3080)
      • WinRAR.exe (PID: 2732)
    • Manual execution by a user

      • Ultimate Windows Tweaker 4.8.exe (PID: 2464)
      • WinRAR.exe (PID: 2244)
      • Ultimate Windows Tweaker 4.8.exe (PID: 1928)
      • Ultimate Windows Tweaker 4.8.exe (PID: 2664)
      • notepad.exe (PID: 2188)
      • Ultimate Windows Tweaker 4.8.exe (PID: 1028)
      • Ultimate Windows Tweaker 4.8.exe (PID: 1240)
      • msedge.exe (PID: 2796)
      • wmpnscfg.exe (PID: 3816)
      • Ultimate Windows Tweaker.exe (PID: 4056)
      • Ultimate Windows Tweaker.exe (PID: 1368)
      • cmd.exe (PID: 3784)
      • Ultimate Windows Tweaker 4.8.exe (PID: 2548)
      • notepad.exe (PID: 3848)
    • Checks supported languages

      • Ultimate Windows Tweaker 4.8.exe (PID: 2464)
      • Ultimate Windows Tweaker 4.8.exe (PID: 2664)
      • wmpnscfg.exe (PID: 3816)
      • Ultimate Windows Tweaker.exe (PID: 1368)
      • Ultimate Windows Tweaker 4.8.exe (PID: 1028)
    • Reads the computer name

      • Ultimate Windows Tweaker 4.8.exe (PID: 1028)
      • Ultimate Windows Tweaker 4.8.exe (PID: 2464)
      • Ultimate Windows Tweaker 4.8.exe (PID: 2664)
      • wmpnscfg.exe (PID: 3816)
      • Ultimate Windows Tweaker.exe (PID: 1368)
    • Reads the machine GUID from the registry

      • Ultimate Windows Tweaker 4.8.exe (PID: 2664)
      • Ultimate Windows Tweaker.exe (PID: 1368)
      • Ultimate Windows Tweaker 4.8.exe (PID: 2464)
      • Ultimate Windows Tweaker 4.8.exe (PID: 1028)
    • The process uses the downloaded file

      • msedge.exe (PID: 2264)
      • WinRAR.exe (PID: 2732)
    • Reads the time zone

      • net1.exe (PID: 3804)
      • net1.exe (PID: 2524)
    • Application launched itself

      • msedge.exe (PID: 2796)
No Malware configuration.

TRiD

.rar | RAR compressed archive (v5.0) (61.5)
.rar | RAR compressed archive (gen) (38.4)
No data.
All screenshots are available in the full report
Total processes
126
Monitored processes
64
Malicious processes
2
Suspicious processes
0

Behavior graph

start winrar.exe winrar.exe ultimate windows tweaker 4.8.exe no specs ultimate windows tweaker 4.8.exe notepad.exe no specs ultimate windows tweaker 4.8.exe no specs ultimate windows tweaker 4.8.exe ultimate windows tweaker 4.8.exe no specs ultimate windows tweaker 4.8.exe msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs wmpnscfg.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs winrar.exe msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs ultimate windows tweaker.exe no specs ultimate windows tweaker.exe cmd.exe no specs net.exe no specs net1.exe no specs cmd.exe no specs net.exe no specs net1.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs SPPSurrogate no specs vssvc.exe no specs msedge.exe no specs msedge.exe no specs cmd.exe no specs msedge.exe no specs cmd.exe no specs notepad.exe no specs msedge.exe no specs msedge.exe no specs msedge.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
PID:
368
CMD:
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --first-renderer-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2216 --field-trial-handle=1320,i,10556659830748864886,15191428959325626163,131072 /prefetch:1
Path:
C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
692
CMD:
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=1164 --field-trial-handle=1320,i,10556659830748864886,15191428959325626163,131072 /prefetch:1
Path:
C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
1020
CMD:
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3956 --field-trial-handle=1320,i,10556659830748864886,15191428959325626163,131072 /prefetch:8
Path:
C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
1024
CMD:
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3984 --field-trial-handle=1320,i,10556659830748864886,15191428959325626163,131072 /prefetch:8
Path:
C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
1028
CMD:
"C:\Users\admin\Desktop\Ultimate Windows Tweaker 4.8\Ultimate Windows Tweaker 4.8.exe"
Path:
C:\Users\admin\Desktop\Ultimate Windows Tweaker 4.8\Ultimate Windows Tweaker 4.8.exe
Parent process:
explorer.exe
User:
admin
Company:
The Windows Club
Integrity Level:
HIGH
Description:
Ultimate Windows Tweaker 4.8
Exit code:
0
Version:
4.8.0.0
Modules
Images
c:\users\admin\desktop\ultimate windows tweaker 4.8\ultimate windows tweaker 4.8.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
PID:
1080
CMD:
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3980 --field-trial-handle=1320,i,10556659830748864886,15191428959325626163,131072 /prefetch:1
Path:
C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
1184
CMD:
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=2132 --field-trial-handle=1320,i,10556659830748864886,15191428959325626163,131072 /prefetch:1
Path:
C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
1240
CMD:
"C:\Users\admin\Desktop\Ultimate Windows Tweaker 4.8\Ultimate Windows Tweaker 4.8.exe"
Path:
C:\Users\admin\Desktop\Ultimate Windows Tweaker 4.8\Ultimate Windows Tweaker 4.8.exe
Parent process:
explorer.exe
User:
admin
Company:
The Windows Club
Integrity Level:
MEDIUM
Description:
Ultimate Windows Tweaker 4.8
Exit code:
3221226540
Version:
4.8.0.0
Modules
Images
c:\users\admin\desktop\ultimate windows tweaker 4.8\ultimate windows tweaker 4.8.exe
c:\windows\system32\ntdll.dll
PID:
1284
CMD:
"C:\Program Files\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4152 --field-trial-handle=1320,i,10556659830748864886,15191428959325626163,131072 /prefetch:1
Path:
C:\Program Files\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
LOW
Description:
Microsoft Edge
Exit code:
0
Version:
109.0.1518.115
Modules
Images
c:\program files\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\microsoft\edge\application\109.0.1518.115\msedge_elf.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
1368
CMD:
"C:\Users\admin\Desktop\UWT v2.2\Ultimate Windows Tweaker.exe"
Path:
C:\Users\admin\Desktop\UWT v2.2\Ultimate Windows Tweaker.exe
Parent process:
explorer.exe
User:
admin
Integrity Level:
HIGH
Description:
Ultimate Windows Tweaker
Version:
2.2.0.0
Modules
Images
c:\users\admin\desktop\uwt v2.2\ultimate windows tweaker.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
Total events
24 957
Read events
23 855
Write events
396
Delete events
706

Modification events

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtBMP
Value:

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtIcon
Value:

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\182\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 3
Value: C:\Users\admin\Desktop\phacker.zip

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 2
Value: C:\Users\admin\Desktop\Win7-KB3191566-x86.zip

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 1
Value: C:\Users\admin\Desktop\curl-8.5.0_1-win32-mingw.zip

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 0
Value: C:\Users\admin\AppData\Local\Temp\Ultimate Windows Tweaker Pack.rar

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: name
Value: 120

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: size
Value: 80

(PID) Process: (3976) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: type
Value: 120
Executable files
5
Suspicious files
268
Text files
60
Unknown types
2

Dropped files

PID
Process
Filename
Type
PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\RAM Optimization\24GB Ram.reg
Type: text
MD5: B61F3A91476B5471AC43CB3CCB7855A8
SHA256: C2BBE087C8FD2F56B58700C7F8EE19525855EF5BFA4DD9A7DD315E99C38EDFEF

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\Cleaner\ATF-Cleaner.exe
Type: executable
MD5: D9DE89F0FAF18019BC9595F0F47BCA61
SHA256: E900D883001EC60353C2E8E1A54E1C5948A11513FFFAFBD5A28B44C1E319677A

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\For Windows 11\UWT5.zip
Type: compressed
MD5: ACB41F9EE190D235A279A2EC51FB566E
SHA256: 585F5A26710F303595B5210E905D93279CAB50F827F9B2F77B2E6F6A533EC1F7

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\RAM Optimization\16GB Ram.reg
Type: text
MD5: 0B237013DEED49B23D7BC554428C61BD
SHA256: CF8B50BF2584488ADF9A629A3980BA6149A16131B73F1EDF0571B06C7CD35B9B

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\RAM Optimization\6GB Ram.reg
Type: text
MD5: 5812550FF961E33A8727CEFC9C106506
SHA256: 5A5711488873DB522C1092F55D47756B0632CDF2DFC4A2C747310A11B1E532DA

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\RAM Optimization\48GB Ram.reg
Type: text
MD5: 5F74951E5CEAE31DEC1BFA65EB737F67
SHA256: 7379D6819A0CCD37E0688FE0B38B237E70F435E6519736B14C77CACEDCE105CA

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\RAM Optimization\64GB Ram.reg
Type: text
MD5: 2C745BCE4B294BC98D2DF8C9428BA733
SHA256: 5A56903C364A5F4AFC1036E5F1EFF25826340D7C08A54C07CB91AC7906F188F2

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\RAM Optimization\3GB Ram.reg
Type: text
MD5: 7C27A485A55FEE8A815C5FCEB4B27B87
SHA256: 4B7E7AFA1A12FEECD575F5FDF2B405324C7D6444049938955891DE78FB3AA3A1

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\RAM Optimization\20GB Ram.reg
Type: text
MD5: 558013B46D325679BAB85CCA901CEAF5
SHA256: C3537FAC4C63E20BEC51E6E4E4D86B68CFA8B13F258A256C0E536D81D870C398

PID: 3976
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3976.43908\Ultimate Windows Tweaker Pack\RAM Optimization\2GB Ram.reg
Type: text
MD5: 5AE14EB3FEBA46B8E96B41278D7D73B4
SHA256: 65C5F3E60952B0C38CF7F435DD81BECA9F49DF708AC62F8644E955626E13E466
HTTP(S) requests
1
TCP/UDP connections
245
DNS requests
296
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3080
msedge.exe
GET
200
192.229.221.95:80
http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt
unknown
unknown

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
4
System
192.168.100.255:138
whitelisted
1088
svchost.exe
224.0.0.252:5355
unknown
3080
msedge.exe
13.107.42.16:443
config.edge.skype.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
3080
msedge.exe
172.67.73.191:443
www.thewindowsclub.com
CLOUDFLARENET
US
unknown
3080
msedge.exe
204.79.197.239:443
edge.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
unknown
2796
msedge.exe
239.255.255.250:1900
unknown
3080
msedge.exe
172.67.199.186:443
privacy.gatekeeperconsent.com
CLOUDFLARENET
US
unknown
3080
msedge.exe
142.250.185.136:443
www.googletagmanager.com
GOOGLE
US
unknown
3080
msedge.exe
216.58.206.78:443
www.youtube.com
GOOGLE
US
whitelisted

DNS requests

Domain
IP
Reputation
www.thewindowsclub.com
  • 172.67.73.191
  • 104.26.6.120
  • 104.26.7.120
unknown
config.edge.skype.com
  • 13.107.42.16
whitelisted
edge.microsoft.com
  • 204.79.197.239
  • 13.107.21.239
whitelisted
privacy.gatekeeperconsent.com
  • 172.67.199.186
  • 104.21.42.32
unknown
www.googletagmanager.com
  • 142.250.185.136
whitelisted
player.anyclip.com
  • 178.79.242.139
unknown
www.youtube.com
whitelisted
go.ezoic.net
  • 108.156.60.15
  • 108.156.60.71
  • 108.156.60.53
  • 108.156.60.42
shared
go.ezodn.com
  • 188.114.97.3
  • 188.114.96.3
unknown
reviews.thewindowsclub.com
  • 104.26.6.120
  • 172.67.73.191
  • 104.26.7.120
unknown

Threats

No threats detected
No debug info