URL: https://www.opera.com/

Full analysis: https://app.any.run/tasks/10d76b4e-5dfc-4ff3-98d0-9a5afc2f9908
Verdict: Malicious activity
Threats:

Stealers are a class of malicious software intended to gain unauthorized access to users' information and transfer it to the attacker. The category includes various types of programs, each focused on a particular kind of data, including files, passwords, and cryptocurrency. Stealers can spy on their targets by recording keystrokes and taking screenshots. This type of malware is primarily distributed as part of phishing campaigns.

Analysis date: June 21, 2025, 22:20:48
OS: Windows 10 Professional (build: 19044, 64 bit)
Tags: stealer, opera, tool, crypto-regex
Indicators:
MD5: 0846230F884AF543F5389E35D9BF2215
SHA1: 37A97E6795E89C3537498C5DAAE2DA521A13C1BC
SHA256: E86723FC0A4176FDD336AC0802C453E457A05C1F857D082A340FA18DE55BA253
SSDEEP: 3:N8DSLPlGn:2OLPlG

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Steals credentials from Web Browsers

      • setup.exe (PID: 4236)
      • setup.exe (PID: 2532)
      • assistant_installer.exe (PID: 6688)
      • setup.exe (PID: 7516)
      • setup.exe (PID: 888)
      • assistant_installer.exe (PID: 5900)
      • installer.exe (PID: 6292)
      • installer.exe (PID: 7188)
      • assistant_installer.exe (PID: 8100)
      • assistant_installer.exe (PID: 1816)
      • assistant_installer.exe (PID: 1204)
      • assistant_installer.exe (PID: 7976)
      • opera.exe (PID: 7872)
      • opera_crashreporter.exe (PID: 8168)
      • opera_crashreporter.exe (PID: 8012)
      • opera.exe (PID: 7432)
      • opera.exe (PID: 7452)
      • opera_crashreporter.exe (PID: 6540)
      • opera_crashreporter.exe (PID: 7248)
      • opera.exe (PID: 1564)
      • browser_assistant.exe (PID: 7760)
      • opera_crashreporter.exe (PID: 2040)
      • opera.exe (PID: 5780)
      • browser_assistant.exe (PID: 6364)
      • opera_crashreporter.exe (PID: 5556)
      • opera.exe (PID: 8092)
      • opera_crashreporter.exe (PID: 6516)
      • opera.exe (PID: 4892)
      • opera.exe (PID: 8136)
      • installer.exe (PID: 7276)
      • installer.exe (PID: 516)
      • opera_autoupdate.exe (PID: 5904)
      • opera_autoupdate.exe (PID: 5772)
      • opera_autoupdate.exe (PID: 7664)
      • opera_autoupdate.exe (PID: 5780)
      • opera_autoupdate.exe (PID: 2324)
      • opera_autoupdate.exe (PID: 7140)
      • opera.exe (PID: 5560)
      • opera_crashreporter.exe (PID: 6132)
      • opera_crashreporter.exe (PID: 5400)
      • opera.exe (PID: 3476)
      • opera_crashreporter.exe (PID: 5716)
      • opera.exe (PID: 2560)
      • opera.exe (PID: 3972)
      • opera_crashreporter.exe (PID: 6084)
      • opera.exe (PID: 2560)
      • browser_assistant.exe (PID: 5516)
      • browser_assistant.exe (PID: 4992)
      • opera_crashreporter.exe (PID: 5500)
    • Actions looks like stealing of personal data

      • setup.exe (PID: 2532)
      • opera_crashreporter.exe (PID: 8012)
      • opera_crashreporter.exe (PID: 8168)
      • opera.exe (PID: 7432)
      • opera_crashreporter.exe (PID: 6540)
      • browser_assistant.exe (PID: 6364)
      • opera.exe (PID: 4892)
      • opera.exe (PID: 8136)
      • opera_autoupdate.exe (PID: 5904)
      • opera_autoupdate.exe (PID: 5772)
      • opera_autoupdate.exe (PID: 7140)
      • opera_autoupdate.exe (PID: 2324)
      • browser_assistant.exe (PID: 5516)
    • Changes the autorun value in the registry

      • assistant_installer.exe (PID: 7976)
  • SUSPICIOUS

    • Creates file in the systems drive root

      • explorer.exe (PID: 4772)
    • Application launched itself

      • setup.exe (PID: 2532)
      • assistant_installer.exe (PID: 5900)
      • setup.exe (PID: 7516)
      • installer.exe (PID: 6292)
      • assistant_installer.exe (PID: 7976)
      • assistant_installer.exe (PID: 1816)
      • browser_assistant.exe (PID: 6364)
      • opera.exe (PID: 7432)
      • opera.exe (PID: 4892)
      • installer.exe (PID: 516)
      • opera_autoupdate.exe (PID: 5904)
      • opera_autoupdate.exe (PID: 7664)
      • opera_autoupdate.exe (PID: 2324)
      • updater.exe (PID: 4124)
      • browser_assistant.exe (PID: 5516)
      • updater.exe (PID: 5716)
    • Executable content was dropped or overwritten

      • OperaSetup.exe (PID: 2348)
      • setup.exe (PID: 2532)
      • setup.exe (PID: 4236)
      • setup.exe (PID: 504)
      • Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 8188)
      • setup.exe (PID: 7516)
      • setup.exe (PID: 888)
      • installer.exe (PID: 7188)
      • installer.exe (PID: 6292)
      • assistant_installer.exe (PID: 7976)
      • installer.exe (PID: 516)
      • installer.exe (PID: 7276)
      • opera_autoupdate.exe (PID: 7664)
      • installer.exe (PID: 1080)
      • opera.exe (PID: 7976)
    • Process drops legitimate windows executable

      • Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 8188)
      • assistant_installer.exe (PID: 7976)
    • Reads security settings of Internet Explorer

      • setup.exe (PID: 2532)
      • installer.exe (PID: 6292)
      • browser_assistant.exe (PID: 6364)
      • browser_assistant.exe (PID: 5516)
    • Starts itself from another location

      • setup.exe (PID: 2532)
    • There is functionality for taking screenshot (YARA)

      • setup.exe (PID: 2532)
      • setup.exe (PID: 4236)
      • setup.exe (PID: 7516)
      • opera.exe (PID: 8160)
    • Creates a software uninstall entry

      • installer.exe (PID: 6292)
    • Searches for installed software

      • installer.exe (PID: 6292)
    • Reads the date of Windows installation

      • installer.exe (PID: 6292)
      • opera.exe (PID: 4892)
    • Reads Mozilla Firefox installation path

      • opera.exe (PID: 4892)
    • The process checks if it is being run in the virtual environment

      • opera.exe (PID: 4892)
    • The process executes via Task Scheduler

      • opera_autoupdate.exe (PID: 7664)
      • updater.exe (PID: 4124)
      • PLUGScheduler.exe (PID: 4116)
      • updater.exe (PID: 5716)
    • Loads DLL from Mozilla Firefox

      • opera.exe (PID: 4552)
    • Found regular expressions for crypto-addresses (YARA)

      • opera.exe (PID: 8160)
      • opera.exe (PID: 4892)
  • INFO

    • Launching a file from the Downloads directory

      • firefox.exe (PID: 516)
    • Application launched itself

      • firefox.exe (PID: 516)
      • firefox.exe (PID: 4224)
    • Reads Microsoft Office registry keys

      • firefox.exe (PID: 516)
    • Executable content was dropped or overwritten

      • firefox.exe (PID: 516)
    • Reads security settings of Internet Explorer

      • explorer.exe (PID: 4772)
    • Reads the software policy settings

      • explorer.exe (PID: 4772)
      • setup.exe (PID: 2532)
      • installer.exe (PID: 6292)
      • browser_assistant.exe (PID: 6364)
      • slui.exe (PID: 8132)
      • browser_assistant.exe (PID: 5516)
    • Creates files or folders in the user directory

      • explorer.exe (PID: 4772)
      • setup.exe (PID: 2532)
      • setup.exe (PID: 4236)
      • setup.exe (PID: 7516)
      • installer.exe (PID: 6292)
      • assistant_installer.exe (PID: 7976)
      • opera.exe (PID: 7432)
      • browser_assistant.exe (PID: 6364)
      • opera.exe (PID: 4892)
      • opera.exe (PID: 8136)
      • opera_autoupdate.exe (PID: 5904)
      • opera_autoupdate.exe (PID: 5772)
      • opera_autoupdate.exe (PID: 7664)
      • opera.exe (PID: 4552)
      • browser_assistant.exe (PID: 5516)
    • Checks supported languages

      • OperaSetup.exe (PID: 2348)
      • setup.exe (PID: 4236)
      • setup.exe (PID: 2532)
      • setup.exe (PID: 504)
      • Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 8188)
      • assistant_installer.exe (PID: 5900)
      • assistant_installer.exe (PID: 6688)
      • setup.exe (PID: 7516)
      • setup.exe (PID: 888)
      • installer.exe (PID: 7188)
      • installer.exe (PID: 6292)
      • assistant_installer.exe (PID: 7976)
      • assistant_installer.exe (PID: 1816)
      • assistant_installer.exe (PID: 1204)
      • assistant_installer.exe (PID: 8100)
      • opera_crashreporter.exe (PID: 8012)
      • opera_crashreporter.exe (PID: 8168)
      • opera.exe (PID: 7432)
      • browser_assistant.exe (PID: 6364)
      • opera.exe (PID: 7872)
      • browser_assistant.exe (PID: 7760)
      • opera.exe (PID: 7452)
      • opera.exe (PID: 2028)
      • opera_crashreporter.exe (PID: 6540)
      • opera.exe (PID: 5476)
      • opera.exe (PID: 1564)
      • opera.exe (PID: 2764)
      • opera_crashreporter.exe (PID: 7248)
      • opera_crashreporter.exe (PID: 2040)
      • opera.exe (PID: 4892)
      • opera.exe (PID: 8092)
      • opera_crashreporter.exe (PID: 5556)
      • opera_crashreporter.exe (PID: 6516)
      • opera.exe (PID: 5780)
      • opera.exe (PID: 6220)
      • opera.exe (PID: 1636)
      • opera.exe (PID: 6876)
      • opera.exe (PID: 1512)
      • opera.exe (PID: 8136)
      • opera.exe (PID: 8160)
      • opera.exe (PID: 2664)
      • opera.exe (PID: 6360)
      • opera.exe (PID: 1136)
      • opera.exe (PID: 2552)
      • opera_gx_splash.exe (PID: 640)
      • opera.exe (PID: 7892)
      • opera.exe (PID: 7748)
      • opera.exe (PID: 2228)
      • opera.exe (PID: 7296)
      • opera.exe (PID: 7240)
      • opera.exe (PID: 1752)
      • opera.exe (PID: 7048)
      • opera.exe (PID: 1296)
      • opera.exe (PID: 1560)
      • opera.exe (PID: 2512)
      • opera.exe (PID: 7996)
      • opera.exe (PID: 7720)
      • opera.exe (PID: 7676)
      • opera.exe (PID: 7744)
      • opera.exe (PID: 3108)
      • opera.exe (PID: 3564)
      • opera.exe (PID: 1688)
      • opera.exe (PID: 7620)
      • installer.exe (PID: 516)
      • opera.exe (PID: 3288)
      • opera.exe (PID: 7460)
      • opera.exe (PID: 7604)
      • opera.exe (PID: 7980)
      • opera.exe (PID: 7528)
      • opera.exe (PID: 2032)
      • opera.exe (PID: 6368)
      • opera.exe (PID: 4520)
      • opera.exe (PID: 7640)
      • installer.exe (PID: 7276)
      • opera.exe (PID: 6672)
      • opera_autoupdate.exe (PID: 5904)
      • opera_autoupdate.exe (PID: 7664)
      • opera_autoupdate.exe (PID: 5780)
      • opera.exe (PID: 7780)
      • opera.exe (PID: 6520)
      • opera_autoupdate.exe (PID: 5772)
      • opera.exe (PID: 8020)
      • opera.exe (PID: 6152)
      • opera.exe (PID: 7312)
      • opera.exe (PID: 7676)
      • opera.exe (PID: 1056)
      • opera.exe (PID: 4648)
      • opera.exe (PID: 1216)
      • opera.exe (PID: 3688)
      • opera.exe (PID: 5140)
      • opera.exe (PID: 4520)
      • opera.exe (PID: 1948)
      • opera.exe (PID: 7588)
      • opera.exe (PID: 3968)
      • opera.exe (PID: 7968)
      • opera.exe (PID: 4116)
      • opera.exe (PID: 1508)
      • installer.exe (PID: 1080)
      • opera.exe (PID: 1204)
      • opera.exe (PID: 4768)
      • opera.exe (PID: 8164)
      • opera.exe (PID: 7628)
      • opera.exe (PID: 4552)
      • opera.exe (PID: 1028)
      • opera.exe (PID: 2864)
      • opera.exe (PID: 2320)
      • opera.exe (PID: 3480)
      • opera.exe (PID: 6680)
      • opera.exe (PID: 4868)
      • opera.exe (PID: 3800)
      • opera.exe (PID: 7976)
      • opera.exe (PID: 8076)
      • opera.exe (PID: 7052)
      • opera.exe (PID: 3288)
      • opera.exe (PID: 8172)
      • opera.exe (PID: 3864)
      • opera.exe (PID: 6368)
      • opera_autoupdate.exe (PID: 2324)
      • opera_autoupdate.exe (PID: 7140)
      • opera.exe (PID: 7476)
      • PLUGScheduler.exe (PID: 4116)
      • updater.exe (PID: 4124)
      • updater.exe (PID: 4976)
      • browser_assistant.exe (PID: 5516)
      • opera_crashreporter.exe (PID: 6132)
      • opera.exe (PID: 5560)
      • opera.exe (PID: 2560)
      • opera_crashreporter.exe (PID: 5400)
      • opera_crashreporter.exe (PID: 5716)
      • browser_assistant.exe (PID: 4992)
      • opera.exe (PID: 3476)
      • opera.exe (PID: 3972)
      • opera_crashreporter.exe (PID: 5500)
      • updater.exe (PID: 5716)
      • opera_crashreporter.exe (PID: 6084)
      • opera.exe (PID: 2560)
      • updater.exe (PID: 5504)
    • Checks proxy server information

      • explorer.exe (PID: 4772)
      • setup.exe (PID: 2532)
      • opera.exe (PID: 7432)
      • browser_assistant.exe (PID: 6364)
      • opera.exe (PID: 4892)
      • opera_autoupdate.exe (PID: 5904)
      • slui.exe (PID: 8132)
      • opera_autoupdate.exe (PID: 7664)
      • opera_autoupdate.exe (PID: 2324)
      • browser_assistant.exe (PID: 5516)
    • Create files in a temporary directory

      • OperaSetup.exe (PID: 2348)
      • setup.exe (PID: 4236)
      • setup.exe (PID: 2532)
      • setup.exe (PID: 504)
      • Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 8188)
      • setup.exe (PID: 7516)
      • setup.exe (PID: 888)
      • installer.exe (PID: 6292)
      • installer.exe (PID: 7188)
      • opera.exe (PID: 7432)
      • opera.exe (PID: 4892)
      • installer.exe (PID: 516)
      • installer.exe (PID: 7276)
      • opera_autoupdate.exe (PID: 7664)
      • installer.exe (PID: 1080)
      • opera.exe (PID: 4552)
    • The sample compiled with english language support

      • setup.exe (PID: 4236)
      • OperaSetup.exe (PID: 2348)
      • Assistant_118.0.5461.41_Setup.exe_sfx.exe (PID: 8188)
      • setup.exe (PID: 504)
      • setup.exe (PID: 2532)
      • setup.exe (PID: 7516)
      • setup.exe (PID: 888)
      • installer.exe (PID: 7188)
      • installer.exe (PID: 6292)
      • assistant_installer.exe (PID: 7976)
      • installer.exe (PID: 516)
      • installer.exe (PID: 7276)
      • opera_autoupdate.exe (PID: 7664)
      • installer.exe (PID: 1080)
      • opera.exe (PID: 7976)
    • Reads the computer name

      • setup.exe (PID: 2532)
      • assistant_installer.exe (PID: 5900)
      • setup.exe (PID: 7516)
      • installer.exe (PID: 6292)
      • assistant_installer.exe (PID: 1816)
      • assistant_installer.exe (PID: 7976)
      • opera.exe (PID: 7432)
      • opera.exe (PID: 7872)
      • browser_assistant.exe (PID: 6364)
      • opera.exe (PID: 7452)
      • opera.exe (PID: 2028)
      • opera.exe (PID: 5476)
      • opera.exe (PID: 1564)
      • opera.exe (PID: 4892)
      • opera.exe (PID: 8092)
      • opera.exe (PID: 5780)
      • opera.exe (PID: 8160)
      • opera_gx_splash.exe (PID: 640)
      • opera.exe (PID: 8136)
      • opera.exe (PID: 7980)
      • opera_autoupdate.exe (PID: 5904)
      • installer.exe (PID: 516)
      • opera_autoupdate.exe (PID: 7664)
      • opera.exe (PID: 4552)
      • opera_autoupdate.exe (PID: 2324)
      • updater.exe (PID: 4124)
      • PLUGScheduler.exe (PID: 4116)
      • opera.exe (PID: 5560)
      • opera.exe (PID: 3476)
      • opera.exe (PID: 2560)
      • opera.exe (PID: 3972)
      • browser_assistant.exe (PID: 5516)
      • opera.exe (PID: 2560)
      • updater.exe (PID: 5716)
    • Reads the machine GUID from the registry

      • setup.exe (PID: 2532)
      • installer.exe (PID: 6292)
      • opera.exe (PID: 7432)
      • opera.exe (PID: 4892)
      • browser_assistant.exe (PID: 6364)
      • opera_autoupdate.exe (PID: 5904)
      • opera_autoupdate.exe (PID: 7664)
      • opera_autoupdate.exe (PID: 5780)
      • opera_autoupdate.exe (PID: 5772)
      • opera_autoupdate.exe (PID: 2324)
      • opera_autoupdate.exe (PID: 7140)
      • browser_assistant.exe (PID: 5516)
    • Launching a file from a Registry key

      • assistant_installer.exe (PID: 7976)
    • Process checks computer location settings

      • opera.exe (PID: 7432)
      • opera.exe (PID: 4892)
      • opera.exe (PID: 1136)
      • opera.exe (PID: 7744)
      • opera.exe (PID: 7748)
      • opera.exe (PID: 7892)
      • opera.exe (PID: 3564)
      • opera.exe (PID: 3108)
      • opera.exe (PID: 1688)
      • opera.exe (PID: 2032)
      • opera.exe (PID: 7604)
      • opera.exe (PID: 7460)
      • opera.exe (PID: 7528)
      • opera.exe (PID: 7780)
      • opera.exe (PID: 1056)
      • opera.exe (PID: 7312)
      • opera.exe (PID: 7968)
      • opera.exe (PID: 4116)
      • opera.exe (PID: 1508)
      • opera.exe (PID: 3480)
      • opera.exe (PID: 8076)
      • opera.exe (PID: 6680)
      • opera.exe (PID: 4868)
      • opera.exe (PID: 3800)
      • opera.exe (PID: 3288)
      • opera.exe (PID: 7052)
      • opera.exe (PID: 2864)
      • opera.exe (PID: 1028)
      • opera.exe (PID: 6368)
      • opera.exe (PID: 8172)
      • opera.exe (PID: 7476)
    • OPERA mutex has been found

      • opera.exe (PID: 7432)
      • browser_assistant.exe (PID: 6364)
      • opera.exe (PID: 4892)
      • opera_autoupdate.exe (PID: 5904)
      • opera_autoupdate.exe (PID: 7664)
      • opera_autoupdate.exe (PID: 2324)
      • browser_assistant.exe (PID: 5516)
    • Reads CPU info

      • opera.exe (PID: 4892)
    • Process checks whether UAC notifications are on

      • updater.exe (PID: 4124)
      • updater.exe (PID: 5716)
    • Manual execution by a user

      • browser_assistant.exe (PID: 5516)
    • Creates files in the program directory

      • PLUGScheduler.exe (PID: 4116)
No Malware configuration.
No data.
All screenshots are available in the full report
Total processes: 408
Monitored processes: 156
Malicious processes: 25
Suspicious processes: 27

Behavior graph

[Behavior graph not reproduced. Processes shown, in order of first appearance: firefox.exe, rundll32.exe, explorer.exe, operasetup.exe, setup.exe, assistant_118.0.5461.41_setup.exe_sfx.exe, assistant_installer.exe, slui.exe, installer.exe, browser_assistant.exe, opera.exe, opera_crashreporter.exe, opera_gx_splash.exe, opera_autoupdate.exe, plugscheduler.exe, updater.exe, svchost.exe]

Process information

Fields: PID, CMD, Path, Indicators, Parent process
PID: 504
CMD: "C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --version
Path: C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
Parent process: setup.exe
User: admin
Company: Opera Software
Integrity Level: MEDIUM
Description: Opera Installer
Exit code: 0
Version: 119.0.5497.110
Modules
Images
c:\users\admin\appdata\local\temp\.opera\opera installer temp\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll

PID: 516
CMD: "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.opera.com/
Path: C:\Program Files\Mozilla Firefox\firefox.exe
Parent process: firefox.exe
User: admin
Company: Mozilla Corporation
Integrity Level: MEDIUM
Description: Firefox
Exit code: 0
Version: 136.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\vcruntime140.dll

PID: 516
CMD: "C:\Users\admin\AppData\Local\Programs\Opera\119.0.5497.94\installer.exe" --fix-taskbar-pins
Path: C:\Users\admin\AppData\Local\Programs\Opera\119.0.5497.94\installer.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: MEDIUM
Description: Opera Installer
Exit code: 0
Version: 119.0.5497.94
Modules
Images
c:\users\admin\appdata\local\programs\opera\119.0.5497.94\installer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll

PID: 640
CMD: "C:\Users\admin\AppData\Local\Programs\Opera\119.0.5497.94\opera_gx_splash.exe" --instance-name=17e1a33b5227a865822a8cd99ff77eed
Path: C:\Users\admin\AppData\Local\Programs\Opera\119.0.5497.94\opera_gx_splash.exe
Parent process: opera.exe
User: admin
Integrity Level: MEDIUM
Exit code: 0
Modules
Images
c:\users\admin\appdata\local\programs\opera\119.0.5497.94\opera_gx_splash.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll

PID: 856
CMD: C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Path: C:\Windows\System32\rundll32.exe
Parent process: svchost.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Windows host process (Rundll32)
Exit code: 0
Version: 10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\rundll32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\combase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shcore.dll
c:\windows\system32\imagehlp.dll

PID: 888
CMD: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc -isForBrowser -prefsHandle 5064 -prefsLen 39068 -prefMapHandle 5080 -prefMapSize 272997 -jsInitHandle 5084 -jsInitLen 247456 -parentBuildID 20250227124745 -ipcHandle 4780 -initialChannelId {0b1b2ce1-28ca-4597-a592-92d2bea2a74c} -parentPid 516 -crashReporter "\\.\pipe\gecko-crash-server-pipe.516" -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - 12 tab
Path: C:\Program Files\Mozilla Firefox\firefox.exe
Parent process: firefox.exe
User: admin
Company: Mozilla Corporation
Integrity Level: MEDIUM
Description: Firefox
Exit code: 0
Version: 136.0
Modules
Images
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\vcruntime140.dll
c:\program files\mozilla firefox\mozglue.dll
c:\windows\system32\vcruntime140_1.dll
c:\windows\system32\msvcp140.dll
c:\windows\system32\bcrypt.dll

PID: 888
CMD: C:\Users\admin\AppData\Local\Temp\7zSC2924997\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=119.0.5497.110 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x7ffc42b3a048,0x7ffc42b3a054,0x7ffc42b3a060
Path: C:\Users\admin\AppData\Local\Temp\7zSC2924997\setup.exe
Parent process: setup.exe
User: admin
Company: Opera Software
Integrity Level: MEDIUM
Description: Opera Installer
Exit code: 0
Version: 119.0.5497.110
Modules
Images
c:\users\admin\appdata\local\temp\7zsc2924997\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll

PID: 1028
CMD: "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --no-pre-read-main-dll --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=on --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-dropdown-keyword-ads=on --with-feature:address-bar-keywords-monetization=on --with-feature:ai-tab-management=on --with-feature:ai-writing-mode-in-context-menu=on --with-feature:amazon-bookmarks-tags-update=on --with-feature:amp-requests-stats=on --with-feature:aria-in-tab-view=on --with-feature:bluesky-in-sidebar=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-amazon-us-associates=off --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:discord-in-sidebar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:hide-navigations-from-extensions=on --with-feature:in-house-autocomplete-send=on --with-feature:keywords-from-backend=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:proxy-switcher-ui-default-visible=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=off --with-feature:sd-suggestions-external=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:slack-in-sidebar=on --with-feature:specific-keywords=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner-ref=on --with-feature:suggestion-redirect-handler=on --with-feature:installer-experiment-test=off --ab_tests=DNA-121339-1:DNA-121339 --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=2032,i,6809851924512164809,2442670872628042773,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu,UpdatableKeyPins --variations-seed-version --mojo-platform-channel-handle=2592 /prefetch:1
Path: C:\Users\admin\AppData\Local\Programs\Opera\opera.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: LOW
Description: Opera Internet Browser
Exit code: 0
Version: 119.0.5497.94
Modules
Images
c:\users\admin\appdata\local\programs\opera\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\programs\opera\119.0.5497.94\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll
c:\windows\system32\combase.dll

PID: 1056
CMD: "C:\Users\admin\AppData\Local\Programs\Opera\opera.exe" --type=renderer --extension-process --no-pre-read-main-dll --with-feature:cashback-assistant=on --with-feature:address-bar-dropdown-autocompleted-domains=on --with-feature:address-bar-dropdown-cities=on --with-feature:address-bar-dropdown-keyword-ads=on --with-feature:address-bar-keywords-monetization=on --with-feature:ai-tab-management=on --with-feature:ai-writing-mode-in-context-menu=on --with-feature:amazon-bookmarks-tags-update=on --with-feature:amp-requests-stats=on --with-feature:aria-in-tab-view=on --with-feature:bluesky-in-sidebar=on --with-feature:cashback-assistant=on --with-feature:continue-on-booking=on --with-feature:continue-on-shopping-via-amp=off --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-amazon-us-associates=off --with-feature:continue-shopping-explore=off --with-feature:continue-shopping-structured-partners=on --with-feature:discord-in-sidebar=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:hide-navigations-from-extensions=on --with-feature:in-house-autocomplete-send=on --with-feature:keywords-from-backend=on --with-feature:native-crypto-wallet=on --with-feature:opera-startpage-special=on --with-feature:proxy-switcher-ui-default-visible=on --with-feature:realtime-impressions-reporting=on --with-feature:run-at-startup-default=off --with-feature:sd-suggestions-external=on --with-feature:shopping-corner=on --with-feature:sitecheck-age=on --with-feature:slack-in-sidebar=on --with-feature:specific-keywords=on --with-feature:startpage-opening-animation=off --with-feature:startpage-sync-banner-ref=on --with-feature:suggestion-redirect-handler=on --with-feature:installer-experiment-test=off --ab_tests=DNA-121339-1:DNA-121339 --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=2032,i,6809851924512164809,2442670872628042773,262144 --disable-features=CertificateTransparencyAskBeforeEnabling,PlatformSoftwareH264EncoderInGpu,UpdatableKeyPins --variations-seed-version --mojo-platform-channel-handle=7820 /prefetch:2
Path: C:\Users\admin\AppData\Local\Programs\Opera\opera.exe
Parent process: opera.exe
User: admin
Company: Opera Software
Integrity Level: LOW
Description: Opera Internet Browser
Exit code: 0
Version: 119.0.5497.94
Modules
Images
c:\users\admin\appdata\local\programs\opera\opera.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\programs\opera\119.0.5497.94\opera_elf.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shcore.dll
c:\windows\system32\combase.dll
1080
"C:\Users\admin\AppData\Local\Temp\.opera\80C96573D850\installer.exe" --version
C:\Users\admin\AppData\Local\Temp\.opera\80C96573D850\installer.exe
opera_autoupdate.exe
User:
admin
Company:
Opera Software
Integrity Level:
MEDIUM
Description:
Opera Installer
Exit code:
0
Version:
119.0.5497.94
Modules
Images
c:\users\admin\appdata\local\temp\.opera\80c96573d850\installer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
Total events
57 580
Read events
56 012
Write events
1 537
Delete events
31

Modification events

(PID) Process: (4772) explorer.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000005035A
Operation: write
Name: VirtualDesktop
Value:
10000000303044563096AFED4A643448A750FA41CFC7F708
(PID) Process: (516) firefox.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Mozilla\Firefox\DllPrefetchExperiment
Operation: write
Name: C:\Program Files\Mozilla Firefox\firefox.exe
Value:
0
(PID) Process: (4772) explorer.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppBadgeUpdated
Operation: write
Name: 308046B0AF4A39CB
Value:
29
(PID) Process: (4772) explorer.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
Operation: write
Name: NodeSlots
Value:
02020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202
(PID) Process: (4772) explorer.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
Operation: write
Name: MRUListEx
Value:
040000000000000003000000110000000E000000100000000F0000000C0000000D0000000B000000050000000A000000090000000800000001000000070000000600000002000000FFFFFFFF
(PID) Process: (4772) explorer.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\4\0
Operation: write
Name: MRUListEx
Value:
0400000006000000050000000100000008000000020000000C0000000B0000000A00000009000000070000000000000003000000FFFFFFFF
(PID) Process: (4772) explorer.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\4\0\4\0
Operation: write
Name: MRUListEx
Value:
0100000000000000FFFFFFFF
(PID) Process: (4772) explorer.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Operation: write
Name: Locked
Value:
1
(PID) Process: (4772) explorer.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\208\Shell
Operation: write
Name: SniffedFolderType
Value:
Pictures
(PID) Process: (4772) explorer.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\Bags\208\Shell
Operation: write
Name: SniffedFolderType
Value:
Downloads
Executable files
41
Suspicious files
1 563
Text files
680
Unknown types
0

Dropped files

HTTP(S) requests
55
TCP/UDP connections
244
DNS requests
312
Threats
117

HTTP requests


Connections


DNS requests


Threats

PID | Process | Class | Message
2200 | svchost.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
2200 | svchost.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
2200 | svchost.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
8136 | opera.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
8136 | opera.exe | Not Suspicious Traffic | INFO [ANY.RUN] Google Tag Manager analytics (googletagmanager .com)
8136 | opera.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt
8136 | opera.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt
8136 | opera.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt
8136 | opera.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt
8136 | opera.exe | Generic Protocol Command Decode | SURICATA QUIC failed decrypt

Process | Message
assistant_installer.exe | [0621/222135.231:INFO:assistant_installer_main.cc(168)] Running assistant installer with command line "C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506212221251\assistant\assistant_installer.exe" --version
assistant_installer.exe | [0621/222224.731:INFO:assistant_installer_main.cc(168)] Running assistant installer with command line "C:\Users\admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202506212221251\assistant\assistant_installer.exe" --installfolder="C:\Users\admin\AppData\Local\Programs\Opera\assistant" --copyonly=0 --allusers=0
assistant_installer.exe | [0621/222224.778:INFO:assistant_installer.cc(304)] Setting up the registry
assistant_installer.exe | [0621/222224.856:INFO:assistant_installer.cc(355)] Creating scheduled task
assistant_installer.exe | [0621/222224.919:INFO:assistant_installer_main.cc(168)] Running assistant installer with command line "C:\Users\admin\AppData\Local\Programs\Opera\assistant\assistant_installer.exe" --installfolder="C:\Users\admin\AppData\Local\Programs\Opera\assistant" --run-assistant --allusers=0
assistant_installer.exe | [0621/222224.935:INFO:assistant_installer.cc(265)] Running Assistant
explorer.exe | Thumbnail Cache: Attempting to replace an entry that is in use
browser_assistant.exe | [0621/222226.606:ERROR:tracking_data_utils.cc(72)] Can't read edition: missing value.