Malware analysis /download/netscape-9-0-beta-1-netscape-navigator-9.0b1/netscape-9-0-beta-1-netscape-navigator-9.0b1.exe Malicious activity

Add for printing

download:	/download/netscape-9-0-beta-1-netscape-navigator-9.0b1/netscape-9-0-beta-1-netscape-navigator-9.0b1.exe
Full analysis:	https://app.any.run/tasks/f3e2530f-dc58-473e-b55f-1cd3c3ab3552
Verdict:	Malicious activity
Analysis date:	December 17, 2023, 15:16:59
OS:	Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME:	application/x-dosexec
File info:	PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5:	C00A3FE37D0F7334122A6EE11CC1B79B
SHA1:	5FFED4378033A17A9C3CE35A0AD5DDBED7361AFE
SHA256:	E8BA1FF03EFE1B27E5898399A27D11C359137F70D0504B4A6F4C0F713D7D8DE8
SSDEEP:	98304:crc8d7xE2p9UbJ1fPpBc4gO0wexBJfBJDab42b3+vykpDpkmCS4EN4fVyKCcvibU:9WXyF8Goj6uPC3

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Launch configuration

Task duration:: 300 seconds
Heavy Evasion option:
Network geolocation:: off
Additional time used:: 240 seconds
MITM proxy:: off
Privacy:: Public submission
Fakenet option:: off
Route via Tor:: off
Autoconfirmation of UAC:: on
Network:: on

Software preset

Internet Explorer 11.0.9600.19596 KB4534251
Adobe Acrobat Reader DC (20.013.20064)
Adobe Acrobat Reader DC (20.013.20064)
Adobe Flash Player 32 ActiveX (32.0.0.453)
Adobe Flash Player 32 ActiveX (32.0.0.453)
Adobe Flash Player 32 NPAPI (32.0.0.453)
Adobe Flash Player 32 NPAPI (32.0.0.453)
Adobe Flash Player 32 PPAPI (32.0.0.453)
Adobe Flash Player 32 PPAPI (32.0.0.453)
Adobe Refresh Manager (1.8.0)
Adobe Refresh Manager (1.8.0)
CCleaner (6.14)
CCleaner (6.14)
FileZilla 3.65.0 (3.65.0)
FileZilla 3.65.0 (3.65.0)
Google Chrome (109.0.5414.120)
Google Chrome (109.0.5414.120)
Google Update Helper (1.3.36.31)
Google Update Helper (1.3.36.31)
Java 8 Update 271 (8.0.2710.9)
Java 8 Update 271 (8.0.2710.9)
Java Auto Updater (2.8.271.9)
Java Auto Updater (2.8.271.9)
Microsoft .NET Framework 4.8 (4.8.03761)
Microsoft .NET Framework 4.8 (4.8.03761)
Microsoft .NET Framework 4.8 (4.8.03761)
Microsoft .NET Framework 4.8 (4.8.03761)
Microsoft Edge (109.0.1518.115)
Microsoft Edge (109.0.1518.115)
Microsoft Edge Update (1.3.175.29)
Microsoft Edge Update (1.3.175.29)
Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Professional 2010 (14.0.6029.1000)
Microsoft Office Professional 2010 (14.0.6029.1000)
Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
Microsoft Office Proof (English) 2010 (14.0.6029.1000)
Microsoft Office Proof (English) 2010 (14.0.6029.1000)
Microsoft Office Proof (French) 2010 (14.0.6029.1000)
Microsoft Office Proof (French) 2010 (14.0.6029.1000)
Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
Microsoft Office Proof (German) 2010 (14.0.4763.1000)
Microsoft Office Proof (German) 2010 (14.0.4763.1000)
Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Single Image 2010 (14.0.6029.1000)
Microsoft Office Single Image 2010 (14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (14.36.32532.0)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (14.36.32532.0)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (14.36.32532)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (14.36.32532)
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (14.36.32532)
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (14.36.32532)
Mozilla Firefox (x86 en-US) (115.0.2)
Mozilla Firefox (x86 en-US) (115.0.2)
Mozilla Maintenance Service (115.0.2)
Mozilla Maintenance Service (115.0.2)
Notepad++ (32-bit x86) (7.9.1)
Notepad++ (32-bit x86) (7.9.1)
PowerShell 7-x86 (7.2.11.0)
PowerShell 7-x86 (7.2.11.0)
Skype version 8.110 (8.110)
Skype version 8.110 (8.110)
Update for Microsoft .NET Framework 4.8 (KB4503575) (1)
Update for Microsoft .NET Framework 4.8 (KB4503575) (1)
VLC media player (3.0.11)
VLC media player (3.0.11)
WinRAR 5.91 (32-bit) (5.91.0)
WinRAR 5.91 (32-bit) (5.91.0)

Add for printing

MALICIOUS
- Drops the executable file immediately after the start
  - netscape-9-0-beta-1-netscape-navigator-9.0b1.exe (PID: 2080)
  - setup.exe (PID: 480)
SUSPICIOUS
- The process drops C-runtime libraries
  - netscape-9-0-beta-1-netscape-navigator-9.0b1.exe (PID: 2080)
  - setup.exe (PID: 480)
- The process creates files with name similar to system file names
  - setup.exe (PID: 480)
- Malware-specific behavior (creating "System.dll" in Temp)
  - setup.exe (PID: 480)
- Process drops legitimate windows executable
  - netscape-9-0-beta-1-netscape-navigator-9.0b1.exe (PID: 2080)
  - setup.exe (PID: 480)
- Searches for installed software
  - setup.exe (PID: 480)
- Application launched itself
  - navigator.exe (PID: 1624)
  - navigator.exe (PID: 1808)
INFO
- Checks supported languages
  - netscape-9-0-beta-1-netscape-navigator-9.0b1.exe (PID: 2080)
  - setup.exe (PID: 480)
  - navigator.exe (PID: 1808)
  - navigator.exe (PID: 2300)
  - navigator.exe (PID: 1624)
- Create files in a temporary directory
  - netscape-9-0-beta-1-netscape-navigator-9.0b1.exe (PID: 2080)
  - setup.exe (PID: 480)
  - navigator.exe (PID: 2300)
- Creates files in the program directory
  - setup.exe (PID: 480)
  - navigator.exe (PID: 1624)
- Reads the computer name
  - setup.exe (PID: 480)
  - navigator.exe (PID: 1624)
  - navigator.exe (PID: 1808)
  - navigator.exe (PID: 2300)
- Reads the machine GUID from the registry
  - setup.exe (PID: 480)
  - navigator.exe (PID: 1808)
  - navigator.exe (PID: 2300)
- Creates files or folders in the user directory
  - setup.exe (PID: 480)
  - navigator.exe (PID: 2300)
  - navigator.exe (PID: 1808)
  - navigator.exe (PID: 1624)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Add for printing

No Malware configuration.

Add for printing

TRiD

.exe	\|	Win64 Executable (generic) (28.6)
.exe	\|	UPX compressed Win32 Executable (28)
.exe	\|	Win32 EXE Yoda's Crypter (27.5)
.dll	\|	Win32 Dynamic Link Library (generic) (6.8)
.exe	\|	Win32 Executable (generic) (4.6)

EXIF

EXE

MachineType:	Intel 386 or later, and compatibles
TimeStamp:	2006:08:16 00:27:50+02:00
ImageFileCharacteristics:	No relocs, Executable, No line numbers, No symbols, 32-bit
PEType:	PE32
LinkerVersion:	6
CodeSize:	40960
InitializedDataSize:	28672
UninitializedDataSize:	94208
EntryPoint:	0x21cf0
OSVersion:	4
ImageVersion:	-
SubsystemVersion:	4
Subsystem:	Windows GUI
FileVersionNumber:	4.42.0.0
ProductVersionNumber:	4.42.0.0
FileFlagsMask:	0x003f
FileFlags:	(none)
FileOS:	Windows NT 32-bit
ObjectFileType:	Executable application
FileSubtype:	-
LanguageCode:	English (U.S.)
CharacterSet:	Unicode
CompanyName:	Mozilla
FileDescription:	Firefox
FileVersion:	4.42
InternalName:	7zS.sfx
LegalCopyright:	Mozilla
OriginalFileName:	7zS.sfx.exe
ProductName:	Firefox
ProductVersion:	4.42

No data.

Add for printing

All screenshots are available in the full report

Add for printing

Total processes

Monitored processes

Malicious processes

Suspicious processes

Behavior graph

Click at the process to see the details

Process information

PID

CMD

Path

Indicators

Parent process

120

"C:\Users\admin\Desktop\netscape-9-0-beta-1-netscape-navigator-9.0b1.exe"

C:\Users\admin\Desktop\netscape-9-0-beta-1-netscape-navigator-9.0b1.exe

—

explorer.exe

User:

admin

Company:

Mozilla

Integrity Level:

MEDIUM

Description:

Firefox

Exit code:

3221226540

Version:

4.42

Modules

Images
c:\users\admin\desktop\netscape-9-0-beta-1-netscape-navigator-9.0b1.exe
c:\windows\system32\ntdll.dll

480

.\setup.exe

C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\setup.exe

—

netscape-9-0-beta-1-netscape-navigator-9.0b1.exe

User:

admin

Company:

Netscape

Integrity Level:

HIGH

Description:

Navigator Installer

Exit code:

Version:

9.0

Modules

Images
c:\users\admin\appdata\local\temp\7zsc7.tmp\setup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll

1624

"C:\Program Files\Netscape\Navigator 9\navigator.exe"

C:\Program Files\Netscape\Navigator 9\navigator.exe

—

setup.exe

User:

admin

Company:

Netscape

Integrity Level:

HIGH

Description:

Navigator

Exit code:

Version:

Personal

Modules

Images
c:\program files\netscape\navigator 9\navigator.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\netscape\navigator 9\js3250.dll
c:\program files\netscape\navigator 9\nspr4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll

1808

"C:\Program Files\Netscape\Navigator 9\navigator.exe"

C:\Program Files\Netscape\Navigator 9\navigator.exe

—

navigator.exe

User:

admin

Company:

Netscape

Integrity Level:

HIGH

Description:

Navigator

Exit code:

Version:

Personal

Modules

Images
c:\program files\netscape\navigator 9\navigator.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\netscape\navigator 9\js3250.dll
c:\program files\netscape\navigator 9\nspr4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll

2080

"C:\Users\admin\Desktop\netscape-9-0-beta-1-netscape-navigator-9.0b1.exe"

C:\Users\admin\Desktop\netscape-9-0-beta-1-netscape-navigator-9.0b1.exe

explorer.exe

User:

admin

Company:

Mozilla

Integrity Level:

HIGH

Description:

Firefox

Exit code:

Version:

4.42

Modules

Images
c:\users\admin\desktop\netscape-9-0-beta-1-netscape-navigator-9.0b1.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll

2300

"C:\Program Files\Netscape\Navigator 9\navigator.exe"

C:\Program Files\Netscape\Navigator 9\navigator.exe

navigator.exe

User:

admin

Company:

Netscape

Integrity Level:

MEDIUM

Description:

Navigator

Exit code:

Version:

Personal

Modules

Images
c:\program files\netscape\navigator 9\navigator.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\netscape\navigator 9\js3250.dll
c:\program files\netscape\navigator 9\nspr4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll

Add for printing

Total events

2 698

Read events

2 696

Write events

Delete events

Modification events


(PID) Process:	(480) setup.exe	Key:	HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\InstallerTest
Operation:	delete key	Name:	(default)
Value:
(PID) Process:	(480) setup.exe	Key:	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
Operation:	write	Name:	GlobalAssocChangedCounter
Value: 115

Add for printing

Executable files

Suspicious files

Text files

347

Unknown types

Dropped files

PID	Process	Filename		Type
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\nonlocalized\LICENSE		text
		MD5:48FF35A6E75247E702019CDDD0EACC21	SHA256:C2AA7D58CEBD24CB877BBF11D6B13A4BB7CD08B9D7DB5D3037CA06C46BF4CFD8
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\nonlocalized\res\forms.css		text
		MD5:43C717453B00DBA083428B8E3583B588	SHA256:6DE94BF45EE501DFFD9FCFF3F4FCDFD85E2452CDBCE630813381BFFF77F777D5
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\nonlocalized\res\EditorOverride.css		text
		MD5:4B3B5AD0B17C566819A88D54026B52FD	SHA256:4ECA3B7360E2D917B9C6C626F9BF5AAFDD5EEC1D296146BAAB32D1F3B00D7A53
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\nonlocalized\res\svg.css		text
		MD5:0386ADBF839E5E72336F780838965ED4	SHA256:3AC1F6E45E7F599EBAC6F6658053231F2769DA73360405D5BFEAA0317C1AC319
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\nonlocalized\res\quirk.css		text
		MD5:79959B19373EFB260456C42E0D176068	SHA256:EBD1A3BA548D222825D6500879A656F125E71084382C9067D1322FBAD4D57467
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\nonlocalized\res\mathml.css		text
		MD5:3FA9013A72E4119B37D01FDDC304B503	SHA256:9A113001B65BD4F0AC3C4D22158E34F0DC393F28BFC1E5FBB2AC0EAEEBCB8582
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\nonlocalized\res\ua.css		text
		MD5:E95E78329871E4A902A97641C8B43E25	SHA256:EB98804CBE3BBB242A301049B0268278CA94BAB7C15AC95AB969B87B3981332B
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\nonlocalized\js3250.dll		executable
		MD5:4DC1EDC90D78E8E9C7FB4B6EBE2F324C	SHA256:A863A6C1A100ECCE347526CBF179FF8022A4EB6227266E86CB097AE19AB8798B
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\localized\defaults\profile\chrome\userContent-example.css		text
		MD5:D3765C7D2DE5626529195007F4B7144A	SHA256:10CD5C7D7FB1F6F1123893530099888822C6CB8A4A41584534C2D2EBA38F5BA9
2080	netscape-9-0-beta-1-netscape-navigator-9.0b1.exe	C:\Users\admin\AppData\Local\Temp\7zSC7.tmp\localized\defaults\profile\chrome\userChrome-example.css		text
		MD5:4788FDAA51B0A238CB21F5C2877EF06D	SHA256:BBAA6DE3247C9D5C9991F8D14B9022491578E603A6B2E2838E760A87C658A719

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Add for printing

HTTP(S) requests

TCP/UDP connections

DNS requests

Threats

HTTP requests

PID	Process	Method	HTTP Code	IP	URL	CN	Type	Size	Reputation
2300	navigator.exe	GET	404	13.50.184.192:80	http://browser.netscape.com/firstrun/9.0b1/	unknown	html	4.69 Kb	unknown
2300	navigator.exe	GET	301	13.49.212.207:80	http://www.netscape.com/	unknown	html	4.31 Kb	unknown
2300	navigator.exe	GET	301	13.49.212.207:80	http://www.netscape.com/api/storystatus-b64/aHR0cDovL2Jyb3dzZXIubmV0c2NhcGUuY29tL2ZpcnN0cnVuLzkuMGIxLw==	unknown	html	4.39 Kb	unknown
2300	navigator.exe	GET	404	13.50.184.192:80	http://browser.netscape.com/firstrun/%VERSION%/	unknown	html	4.70 Kb	unknown
2300	navigator.exe	GET	—	13.49.212.207:80	http://www.netscape.com/api/sitemail/	unknown	—	—	unknown
2300	navigator.exe	GET	—	13.49.212.207:80	http://www.netscape.com/api/feeds/	unknown	—	—	unknown
2300	navigator.exe	GET	404	13.50.184.192:80	http://browser.netscape.com/favicon.ico	unknown	html	4.69 Kb	unknown
2300	navigator.exe	GET	404	142.250.185.238:80	http://sb.google.com/safebrowsing/update?client=Navigator&appver=9.0b1&version=goog-white-domain:1:-1,goog-white-url:1:-1,goog-black-url:1:-1,goog-black-enchash:1:-1	unknown	html	1.54 Kb	unknown
2300	navigator.exe	GET	301	109.234.111.119:80	http://mjd.yt/	unknown	—	—	unknown
2300	navigator.exe	GET	404	142.250.185.238:80	http://sb.google.com/safebrowsing/update?client=Navigator&appver=9.0b1&version=goog-white-domain:1:-1,goog-white-url:1:-1,goog-black-url:1:-1,goog-black-enchash:1:-1	unknown	html	1.54 Kb	unknown

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID	Process	IP	Domain	ASN	CN	Reputation
4	System	192.168.100.255:137	—	—	—	whitelisted
4	System	192.168.100.255:138	—	—	—	whitelisted
1080	svchost.exe	224.0.0.252:5355	—	—	—	unknown
2300	navigator.exe	13.50.184.192:80	browser.netscape.com	AMAZON-02	SE	unknown
2300	navigator.exe	13.49.212.207:80	browser.netscape.com	AMAZON-02	SE	unknown
2300	navigator.exe	212.82.100.163:443	www.aol.com	Yahoo! UK Services Limited	IE	unknown
2300	navigator.exe	87.248.119.252:443	s.yimg.com	Yahoo! UK Services Limited	GB	unknown
2300	navigator.exe	188.125.72.139:80	geo.yahoo.com	Yahoo! UK Services Limited	IE	unknown
2300	navigator.exe	54.74.75.43:80	bcn.fp.yahoo.com	AMAZON-02	IE	unknown
2300	navigator.exe	142.250.185.238:80	sb.google.com	GOOGLE	US	whitelisted

DNS requests

Domain	IP	Reputation
browser.netscape.com	13.50.184.192 13.49.212.207	whitelisted
www.netscape.com	13.49.212.207 13.50.184.192	unknown
www.aol.com	212.82.100.163	whitelisted
s.yimg.com	87.248.119.252 87.248.119.251	shared
geo.yahoo.com	188.125.72.139	whitelisted
bcn.fp.yahoo.com	54.74.75.43 63.34.82.167 52.209.182.235	unknown
sb.google.com	142.250.185.238	whitelisted
mjd.yt	109.234.111.119	unknown
youtube.com	216.58.206.46	whitelisted
www.youtube.com	142.250.186.142 142.250.184.238 142.250.184.206 172.217.16.142 142.250.181.238 142.250.186.110 142.250.186.78 142.250.185.238 142.250.185.206 142.250.185.174 142.250.185.142 142.250.185.110 142.250.185.78 216.58.212.142 172.217.23.110 216.58.212.174	whitelisted

Threats

PID	Process	Class	Message
2300	navigator.exe	Potential Corporate Privacy Violation	ET POLICY Unsupported/Fake FireFox Version 2.
2300	navigator.exe	Potential Corporate Privacy Violation	ET POLICY Unsupported/Fake FireFox Version 2.
2300	navigator.exe	Potential Corporate Privacy Violation	ET POLICY Unsupported/Fake FireFox Version 2.
2300	navigator.exe	Potential Corporate Privacy Violation	ET POLICY Unsupported/Fake FireFox Version 2.
2300	navigator.exe	Potential Corporate Privacy Violation	ET POLICY Unsupported/Fake FireFox Version 2.
2300	navigator.exe	Potential Corporate Privacy Violation	ET POLICY Unsupported/Fake FireFox Version 2.
2300	navigator.exe	Potential Corporate Privacy Violation	ET POLICY Unsupported/Fake FireFox Version 2.

Add for printing

No debug info

General Info

/download/netscape-9-0-beta-1-netscape-navigator-9.0b1/netscape-9-0-beta-1-netscape-navigator-9.0b1.exe

C00A3FE37D0F7334122A6EE11CC1B79B

5FFED4378033A17A9C3CE35A0AD5DDBED7361AFE

E8BA1FF03EFE1B27E5898399A27D11C359137F70D0504B4A6F4C0F713D7D8DE8

98304:crc8d7xE2p9UbJ1fPpBc4gO0wexBJfBJDab42b3+vykpDpkmCS4EN4fVyKCcvibU:9WXyF8Goj6uPC3

Software environment set and analysis options

Launch configuration

Software preset

Behavior activities

MALICIOUS

Drops the executable file immediately after the start

SUSPICIOUS

The process drops C-runtime libraries

The process creates files with name similar to system file names

Malware-specific behavior (creating "System.dll" in Temp)

Process drops legitimate windows executable

Searches for installed software

Application launched itself

INFO

Checks supported languages

Create files in a temporary directory

Creates files in the program directory

Reads the computer name

Reads the machine GUID from the registry

Creates files or folders in the user directory

Malware configuration

Static information

TRiD

EXIF

EXE

Video and screenshots

Processes

Behavior graph

Specs description

Process information

Information

Modules

Information

Modules

Information

Modules

Information

Modules

Information

Modules

Information

Modules

Registry activity

Modification events

Files activity

Dropped files

Network activity

HTTP requests

Connections

DNS requests

Threats

Debug output strings