URL: https://mypoisk.top

Full analysis: https://app.any.run/tasks/ba0a8995-cc7b-4949-9b3e-a2d4728cd584
Verdict: Malicious activity
Analysis date: March 30, 2026, 15:04:19
OS: Windows 10 Professional (build: 19044, 64 bit)
MD5: E85047DB6E5BADC9AAE3EC9CB0DF78ED
SHA1: D87A8F87A90441796C6DB941ABE0F3F1101710EB
SHA256: E471C929C31662A14E1D49054AF19D09472E73E2973219D753EC1D27F2452929
SSDEEP: 3:N8UOLRKV:2UnV

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    No malicious indicators.
  • SUSPICIOUS

    No suspicious indicators.
  • INFO

    No info indicators.
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
All screenshots are available in the full report
Total processes: 162
Monitored processes: 1
Malicious processes: 0
Suspicious processes: 0

Behavior graph

msedge.exe

Process information

PID
CMD
Path
Indicators
Parent process
7028
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-quic --webtransport-developer-mode --string-annotations --always-read-main-dll --field-trial-handle=2256,i,13378875761215938322,9620771509043916482,262144 --variations-seed-version --mojo-platform-channel-handle=2616 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
msedge.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Microsoft Edge
Version: 133.0.3065.92
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\133.0.3065.92\msedge_elf.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\combase.dll
c:\windows\system32\rpcrt4.dll
Total events: 0
Read events: 0
Write events: 0
Delete events: 0

Modification events

No data
Executable files: 21
Suspicious files: 5
Text files: 0
Unknown types: 0

Dropped files

Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests: 187
TCP/UDP connections: 102
DNS requests: 96
Threats: 23

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
7760
svchost.exe
HEAD
200
23.197.142.186:443
https://fs.microsoft.com/fs/windows/config.json
US
whitelisted
5336
MoUsoCoreWorker.exe
GET
304
4.231.128.59:443
https://settings-win.data.microsoft.com/settings/v3.0/wsd/muse?ProcessorClockSpeed=3593&FlightIds=&UpdateOfferedDays=344&BranchReadinessLevel=CB&OEMManufacturerName=DELL&IsCloudDomainJoined=0&ProcessorIdentifier=AMD64%20Family%206%20Model%2014%20Stepping%203&sku=48&ActivationChannel=Retail&AttrDataVer=188&IsMDMEnrolled=0&ProcessorCores=4&ProcessorModel=Intel%28R%29%20Core%28TM%29%20i5-6400%20CPU%20%40%202.70GHz&TotalPhysicalRAM=4096&PrimaryDiskType=4294967295&FlightingBranchName=&ChassisTypeId=1&OEMModelNumber=DELL&SystemVolumeTotalCapacity=260246&sampleId=95271487&deviceClass=Windows.Desktop&App=muse&DisableDualScan=0&AppVer=10.0&OEMSubModel=J5CR&locale=en-US&IsAlwaysOnAlwaysConnectedCapable=0&ms=0&DefaultUserRegion=244&osVer=10.0.19045.4046.amd64fre.vb_release.191206-1406&os=windows&deviceId=s%3ABAD99146-31D3-4EC6-A1A4-BE76F32BA5D4&DeferQualityUpdatePeriodInDays=0&ring=Retail&DeferFeatureUpdatePeriodInDays=30
US
whitelisted
2352
RUXIMICS.exe
GET
304
4.231.128.59:443
https://settings-win.data.microsoft.com/settings/v3.0/WSD/RUXIM?os=Windows&osVer=10.0.19045.4046.amd64fre.vb_release.191206-1406&sku=48&deviceClass=Windows.Desktop&locale=en-US&deviceId=s:BAD99146-31D3-4EC6-A1A4-BE76F32BA5D4&sampleId=s:95271487&appVer=10.0.19041.3623&OSVersionFull=10.0.19045.4046.amd64fre.vb_release.191206-1406&FlightRing=Retail&AttrDataVer=188&App=RUXIM&AppVer=&DeviceFamily=Windows.Desktop
US
whitelisted
7028
msedge.exe
GET
200
38.180.101.197:443
https://mypoisk.top/
US
binary
3.75 Kb
unknown
2352
RUXIMICS.exe
GET
200
23.216.77.22:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
NL
binary
825 b
whitelisted
5336
MoUsoCoreWorker.exe
GET
200
23.216.77.22:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
NL
binary
825 b
whitelisted
5208
svchost.exe
GET
200
23.216.77.22:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
NL
binary
825 b
whitelisted
7028
msedge.exe
GET
200
92.123.104.46:443
https://www.bing.com/bloomfilterfiles/ExpandedDomainsFilterGlobal.json
unknown
binary
665 Kb
whitelisted
2352
RUXIMICS.exe
GET
200
23.52.181.212:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
US
binary
814 b
whitelisted
5336
MoUsoCoreWorker.exe
GET
200
23.52.181.212:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
US
binary
814 b
whitelisted

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
2352
RUXIMICS.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
5336
MoUsoCoreWorker.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
5208
svchost.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
224.0.0.251:5353
whitelisted
7028
msedge.exe
2.16.241.207:443
www.bing.com
AKAMAI-ASN1
NL
whitelisted
7028
msedge.exe
38.180.101.197:443
mypoisk.top
M247
RO
unknown
2352
RUXIMICS.exe
23.216.77.22:80
crl.microsoft.com
AKAMAI-ASN1
NL
whitelisted
5336
MoUsoCoreWorker.exe
23.216.77.22:80
crl.microsoft.com
AKAMAI-ASN1
NL
whitelisted
5208
svchost.exe
23.216.77.22:80
crl.microsoft.com
AKAMAI-ASN1
NL
whitelisted
2352
RUXIMICS.exe
23.52.181.212:80
www.microsoft.com
AKAMAI-AS
US
whitelisted

DNS requests


Threats

PID
Process
Class
Message
7028
msedge.exe
Potentially Bad Traffic
ET DNS Query to a *.top domain - Likely Hostile
7028
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
Potentially Bad Traffic
ET INFO HTTP Request to a *.top domain
7028
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
5336
MoUsoCoreWorker.exe
Unknown Traffic
ET USER_AGENTS Microsoft Dr Watson User-Agent (MSDW)
Potentially Bad Traffic
ET INFO HTTP Request to a *.top domain
Potentially Bad Traffic
ET INFO HTTP Request to a *.top domain
7028
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
7028
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Requests to a free CDN for open source projects (jsdelivr .net)
7028
msedge.exe
Potentially Bad Traffic
ET INFO HTTP traffic on port 443 (POST)
No debug info