ICARUS.Setup.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | June 5, 2024, 11:17 p.m. | June 5, 2024, 11:19 p.m. |
-
-
MicrosoftEdgeWebview2Setup.exe "C:\Users\test22\AppData\Local\Temp\nsxF4D0.tmp\MicrosoftEdgeWebview2Setup.exe" /silent /install
2808-
MicrosoftEdgeUpdate.exe "C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=true"
2856-
MicrosoftEdgeUpdate.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
2908 -
MicrosoftEdgeUpdate.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
3016-
MicrosoftEdgeUpdateComRegisterShell64.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\MicrosoftEdgeUpdateComRegisterShell64.exe"
3068 -
MicrosoftEdgeUpdateComRegisterShell64.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\MicrosoftEdgeUpdateComRegisterShell64.exe"
2080 -
MicrosoftEdgeUpdateComRegisterShell64.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\MicrosoftEdgeUpdateComRegisterShell64.exe"
1484
-
-
MicrosoftEdgeUpdate.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNTMuNTMiIHNoZWxsX3ZlcnNpb249IjEuMy4xNTMuNTMiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDk2NzQ3QjQtRUM4Qi00NjAwLTgyMzUtQTk5RTlCQ0RBQ0E4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyMzI4MThBQi00NDVDLTRGRTctQTg3NC0yNkNGNTczQzVDMzR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iMiIgcGh5c21lbW9yeT0iNSIgZGlza190eXBlPSIwIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSI2LjEuNzYwMS4wIiBzcD0iU2VydmljZSBQYWNrIDEiIGFyY2g9Ing2NCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkxFTk9WTyIgcHJvZHVjdF9uYW1lPSIyMjQxVzJVIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjE1My41MyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSIzMTcyIi8-PC9hcHA-PC9yZXF1ZXN0Pg
2184 -
MicrosoftEdgeUpdate.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=true" /installsource otherinstallcmd /sessionid "{096747B4-EC8B-4600-8235-A99E9BCDACA8}" /silent
2232-
wermgr.exe "C:\Windows\system32\wermgr.exe" "-outproc" "2232" "460"
2312
-
-
wermgr.exe "C:\Windows\system32\wermgr.exe" "-outproc" "2856" "360"
2404 -
MicrosoftEdgeUpdate.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /unregserver
648-
MicrosoftEdgeUpdateComRegisterShell64.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister
2584 -
MicrosoftEdgeUpdateComRegisterShell64.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister
2240 -
MicrosoftEdgeUpdateComRegisterShell64.exe "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\MicrosoftEdgeUpdateComRegisterShell64.exe" /unregister
1864
-
-
-
-
-
explorer.exe C:\Windows\Explorer.EXE
1452
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| self.events.data.microsoft.com | 20.189.173.3 | |
| msedge.api.cdp.microsoft.com |
CNAME
api.cdp.microsoft.com
|
20.114.58.89 |
| msedge.f.tlu.dl.delivery.mp.microsoft.com |
CNAME
a1847.dscd.akamai.net
|
199.232.214.172 |
| config.edge.skype.com |
CNAME
l-0007.l-msedge.net
CNAME
l-0007.config.skype.com
|
52.123.254.33 |
Suricata Alerts
Suricata TLS
| Flow | Issuer | Subject | Fingerprint |
|---|---|---|---|
|
TLS 1.2 192.168.56.101:49180 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49183 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49189 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49188 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49191 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49181 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49198 13.95.26.4:443 |
C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Update Secure Server CA 2.1 | C=US, ST=WA, L=Redmond, O=Microsoft, OU=DSP, CN=api.cdp.microsoft.com | ac:53:77:36:b6:a9:62:e6:d6:6d:ef:4e:92:bf:86:b0:5e:84:b8:e5 |
|
TLS 1.2 192.168.56.101:49182 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49192 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49206 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49209 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49210 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
|
TLS 1.2 192.168.56.101:49205 13.107.42.16:443 |
C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.config.skype.com | 2a:d6:b5:27:8a:e8:2f:07:4f:9c:85:f1:4c:ee:95:0d:d3:0c:6b:a8 |
| section | .ndata |
| request | HEAD http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/3c775e75-aff8-4af1-aede-7a5c0349aa0b?P1=1718201907&P2=404&P3=2&P4=WiuGZ5IY9kx3eECOliePn%2bZR2Oa2T%2fIA6AoadHbz1e2TomQPzt6zla8iSDn3KibvVKZ7rCsNDdx37Vncvson%2bw%3d%3d |
| request | GET http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/3c775e75-aff8-4af1-aede-7a5c0349aa0b?P1=1718201907&P2=404&P3=2&P4=WiuGZ5IY9kx3eECOliePn%2bZR2Oa2T%2fIA6AoadHbz1e2TomQPzt6zla8iSDn3KibvVKZ7rCsNDdx37Vncvson%2bw%3d%3d |
| request | POST https://msedge.api.cdp.microsoft.com/api/v1.1/contents/Browser/namespaces/Default/names/msedgewebview-stable-win-x64/versions/latest?action=select |
| request | POST https://msedge.api.cdp.microsoft.com/api/v1.1/internal/contents/Browser/namespaces/Default/names/msedgewebview-stable-win-x64/versions/125.0.2535.85/files?action=GenerateDownloadInfo&foregroundPriority=true |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdate.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_nl.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ro.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeUpdateOnDemand.exe |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ca-Es-VALENCIA.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_tr.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_pt-PT.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeComRegisterShellARM64.exe |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_is.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_kok.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_es.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_lv.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_da.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_id.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_am.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_zh-CN.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeUpdateBroker.exe |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_et.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ur.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ms.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ml.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ga.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\psmachine_64.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_kn.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_kk.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_fr-CA.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_gd.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_zh-TW.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_lo.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_km.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_tt.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_fa.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_az.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_vi.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_sr-Cyrl-RS.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_quz.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_lb.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\psmachine.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ta.dll |
| file | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICARUS Terminal\ICARUS Terminal.lnk |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_hi.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\psuser_arm64.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ka.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_it.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_sr.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_bs.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_or.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_es-419.dll |
| file | C:\Users\test22\AppData\Local\Temp\nsxF4D0.tmp\System.dll |
| file | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICARUS Terminal\ICARUS Terminal.lnk |
| file | C:\Users\test22\Desktop\ICARUS Terminal.lnk |
| file | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe |
| file | C:\Users\test22\AppData\Local\Temp\nsxF4D0.tmp\System.dll |
| file | C:\Users\test22\AppData\Local\Temp\nsxF4D0.tmp\InstallOptions.dll |
| Ikarus | PUA.CoinMiner |
| process | microsoftedgeupdate.exe |
| cmdline | "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNTMuNTMiIHNoZWxsX3ZlcnNpb249IjEuMy4xNTMuNTMiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDk2NzQ3QjQtRUM4Qi00NjAwLTgyMzUtQTk5RTlCQ0RBQ0E4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyMzI4MThBQi00NDVDLTRGRTctQTg3NC0yNkNGNTczQzVDMzR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iMiIgcGh5c21lbW9yeT0iNSIgZGlza190eXBlPSIwIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSI2LjEuNzYwMS4wIiBzcD0iU2VydmljZSBQYWNrIDEiIGFyY2g9Ing2NCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkxFTk9WTyIgcHJvZHVjdF9uYW1lPSIyMjQxVzJVIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjE1My41MyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSIzMTcyIi8-PC9hcHA-PC9yZXF1ZXN0Pg |
| service_name | edgeupdate | service_path | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" \svc | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4A02D72-2A34-41DB-B37F-05DFDB27E933}\InProcServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4A02D72-2A34-41DB-B37F-05DFDB27E933}\InProcServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| reg_key | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4A02D72-2A34-41DB-B37F-05DFDB27E933}\InProcServer32\(Default) | reg_value | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine_64.dll | ||||||
| file | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\MicrosoftEdgeUpdateComRegisterShell64.exe |
| file | C:\Users\test22\AppData\Local\Temp\OutofProcReport27727511.txt |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdate.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_nl.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ro.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeUpdateOnDemand.exe |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ca-Es-VALENCIA.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_tr.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_pt-PT.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeComRegisterShellARM64.exe |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_is.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_kok.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_es.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_lv.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_da.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_id.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_am.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_zh-CN.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_hi.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_et.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ur.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ms.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ml.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ga.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\psmachine_64.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\EdgeUpdate.dat |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_kk.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_fr-CA.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_gd.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_zh-TW.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_lo.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_km.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_tt.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_fa.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_az.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_vi.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_sr-Cyrl-RS.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_quz.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_lb.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\psmachine.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ta.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeUpdateBroker.exe |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\psuser_arm64.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_ka.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_it.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_sr.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_bs.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_or.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\msedgeupdateres_es-419.dll |
| file | C:\Program Files (x86)\Microsoft\Temp\EU15B5.tmp\NOTICE.TXT |
| mutex | Global\EdgeUpdate{F340B839-380B-4AA9-BA6F-B83F23E2DD05} |
| mutex | Global\EdgeUpdate{DDDDEAEB-04CC-4BAA-9C63-CCA5FE38F688} |
| mutex | Global\85c47a86-2346-11ef-948e-94de278c3274 |
| mutex | {08586C4E-62C4-4a4e-8271-C2A20530AF62}_M_S-1-5-21-3832866432-4053218753-3017428901-1001 |
| mutex | Global\85926924-2346-11ef-948e-94de278c3274 |
| udp | {u'src': u'192.168.56.101', u'dst': u'239.255.255.250', u'offset': 43696043, u'time': 52.79696583747864, u'dport': 1900, u'sport': 53853} |
| udp | {u'src': u'8.8.8.8', u'dst': u'192.168.56.101', u'offset': 43703155, u'time': 56.65837788581848, u'dport': 61950, u'sport': 53} |
| udp | {u'src': u'8.8.8.8', u'dst': u'192.168.56.101', u'offset': 185167892, u'time': 75.37427496910095, u'dport': 52815, u'sport': 53} |
| udp | {u'src': u'8.8.8.8', u'dst': u'192.168.56.101', u'offset': 185168246, u'time': 74.19336581230164, u'dport': 54883, u'sport': 53} |