
ARISE-LEGION-Setup-v1.0.0.exe

Classification: Malicious

Antivirus detections: 1

IDS alerts: 0

Processes: 38

Contacted hosts: 1

DNS requests: 1
Indicator Context

Blacklist timeline

Malicious
115 days since the last reported activity  
No activity reported after Jul 17, 2025
Timeline (04:30, 04:45, 05 PM, 05:15): Hybrid-Analysis – Generic Malware

Sample information


Hashes
Filename:
ARISE-LEGION-Setup-v1.0.0.exe
md5:
14b71ae434a4b892a173617473d54787
sha1:
af5d16afd8ec5af053be777a8bc081dc76408519
sha256:
091cbb97f2ec8f23a4203783e630fe98dee25939ded7b8132268cdcf9242609f
In depth details
Filetype:
PE32 executable (GUI) Intel 80386, for MS Windows, ...
Size (Bytes):
80299274
Classification:
malicious
Dates
Indexed:
2025-07-17 16:00:17
Last modified:
2025-07-17 17:00:10
Explore our API specification anytime here:

Request:

          
# Look up this sample by its SHA-256 through the Maltiverse sample endpoint.
# <API_KEY> is a placeholder for the bearer token; pasting a real key inline leaves it in
# shell history and process listings, so supply it from a protected variable or file.
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/sample/091cbb97f2ec8f23a4203783e630fe98dee25939ded7b8132268cdcf9242609f
        

Response:

      
{
    "antivirus": [
        {
            "description": "W32.AIDetectMalware",
            "name": "Bkav"
        }
    ],
    "blacklist": [
        {
            "count": 5,
            "description": "Generic Malware",
            "first_seen": "2025-07-17 16:15:04",
            "last_seen": "2025-07-17 17:00:10",
            "ref": [
                21745
            ],
            "source": "Hybrid-Analysis"
        }
    ],
    "classification": "malicious",
    "contacted_host": [
        "185.199.111.133"
    ],
    "creation_time": "2025-07-17 16:00:17",
    "dns_request": [
        "raw.githubusercontent.com"
    ],
    "filename": [
        "ARISE-LEGION-Setup-v1.0.0.exe"
    ],
    "filetype": "PE32 executable (GUI) Intel 80386, for MS Windows, ...",
    "is_alive": false,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": false,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_phishing": false,
    "is_sinkhole": false,
    "is_storing_phishing": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "md5": "14b71ae434a4b892a173617473d54787",
    "modification_time": "2025-07-17 17:00:10",
    "process_list": [
        {
            "name": "ARISE-LEGION-Setup-v1.0.0.exe",
            "normalizedpath": "C:\\ARISE-LEGION-Setup-v1.0.0.exe",
            "sha256": "091cbb97f2ec8f23a4203783e630fe98dee25939ded7b8132268cdcf9242609f",
            "uid": "00000000-00002400"
        },
        {
            "commandline": "/SL5=\"$40342,79216143,902144,C:\\ARISE-LEGION-Setup-v1.0.0.exe\"",
            "name": "ARISE-LEGION-Setup-v1.0.0.tmp",
            "normalizedpath": "%TEMP%\\is-69401.tmp\\ARISE-LEGION-Setup-v1.0.0.tmp",
            "sha256": "4fb7a6cee0f7f97ebebd816a3332a90f45c1839af9d2d38f61bde8568fa91cb4",
            "uid": "00000000-00002416"
        },
        {
            "commandline": "\"netsh\" advfirewall firewall add rule name=\"AriseLegionLauncher\" dir=in action=allow program=\"%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe\" enable=yes",
            "name": "netsh.exe",
            "normalizedpath": "%WINDIR%\\system32\\netsh.exe",
            "sha256": "41100c756bc97ffca70a69d18c4440d446bad9a876ff4f3d52210dd0bdaee014",
            "uid": "00000000-00004548"
        },
        {
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00000196"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1604 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00003304"
        },
        {
            "commandline": "-u -p 3304 -s 160",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00000008"
        },
        {
            "commandline": "--type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir=\"%APPDATA%\\arise-legion\" --mojo-platform-channel-handle=2756 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00003332"
        },
        {
            "commandline": "--type=renderer --user-data-dir=\"%APPDATA%\\arise-legion\" --app-path=\"%PROGRAMFILES%\\AriseLegionLauncher\\resources\\app.asar\" --enable-sandbox --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --time-ticks-at-unix-epoch=-1752790896764928 --launch-time-ticks=2424913727 --mojo-platform-channel-handle=2860 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:1",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00007876"
        },
        {
            "commandline": "-u -p 7876 -s 404",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00004808"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2824 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00003336"
        },
        {
            "commandline": "-u -p 3336 -s 392",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00006968"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2760 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00001548"
        },
        {
            "commandline": "-u -p 1548 -s 392",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00007088"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2704 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00007316"
        },
        {
            "commandline": "-u -p 7316 -s 392",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00003356"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1132 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00005612"
        },
        {
            "commandline": "-u -p 5612 -s 392",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00005224"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2820 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00003032"
        },
        {
            "commandline": "-u -p 3032 -s 404",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00002168"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=disabled --mojo-platform-channel-handle=2600 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00001496"
        },
        {
            "commandline": "-u -p 1496 -s 404",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00008116"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=disabled --mojo-platform-channel-handle=2892 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00001384"
        },
        {
            "commandline": "-u -p 1384 -s 392",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00004576"
        },
        {
            "commandline": "--type=gpu-process --user-data-dir=\"%APPDATA%\\arise-legion\" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=disabled --mojo-platform-channel-handle=1604 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2",
            "name": "ARISE LEGION.exe",
            "normalizedpath": "%PROGRAMFILES%\\AriseLegionLauncher\\ARISE LEGION.exe",
            "sha256": "387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b",
            "uid": "00000000-00001036"
        },
        {
            "commandline": "-u -p 1036 -s 392",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00001304"
        },
        {
            "commandline": "-u -p 196 -s 1604",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00004116"
        },
        {
            "commandline": "-u -p 196 -s 1604",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00003540"
        },
        {
            "commandline": "-pss -s 456 -p 3304 -ip 3304",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00008112"
        },
        {
            "commandline": "-pss -s 540 -p 7876 -ip 7876",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00007948"
        },
        {
            "commandline": "-pss -s 484 -p 3336 -ip 3336",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00004956"
        },
        {
            "commandline": "-pss -s 456 -p 1548 -ip 1548",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00006900"
        },
        {
            "commandline": "-pss -s 176 -p 7316 -ip 7316",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00007248"
        },
        {
            "commandline": "-pss -s 436 -p 5612 -ip 5612",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00004760"
        },
        {
            "commandline": "-pss -s 436 -p 3032 -ip 3032",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00004776"
        },
        {
            "commandline": "-pss -s 172 -p 1496 -ip 1496",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00001064"
        },
        {
            "commandline": "-pss -s 160 -p 1384 -ip 1384",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00000504"
        },
        {
            "commandline": "-pss -s 176 -p 1036 -ip 1036",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00003576"
        },
        {
            "commandline": "-pss -s 536 -p 196 -ip 196",
            "name": "WerFault.exe",
            "normalizedpath": "%WINDIR%\\system32\\WerFault.exe",
            "sha256": "0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe",
            "uid": "00000000-00005720"
        }
    ],
    "score": 10,
    "scoring_executed_time": "2025-07-17 16:15:05",
    "sha1": "af5d16afd8ec5af053be777a8bc081dc76408519",
    "sha256": "091cbb97f2ec8f23a4203783e630fe98dee25939ded7b8132268cdcf9242609f",
    "size": 80299274,
    "type": "sample"
}
    
Network contacts

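IP addresses and hostnames contacted by this sample during execution. The only DNS request recorded for this sample is raw.githubusercontent.com, so the address below is presumably shared GitHub content-hosting infrastructure rather than a sample-specific server; on its own it is a weak indicator and a poor candidate for blocklisting.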

Contacted Hosts
185.199.111.133
Antivirus Positives

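Commercial antivirus detections for this sample. Only one engine (Bkav) flagged the file, under a label whose name suggests a heuristic/ML verdict rather than a named family, so the detection alone is weak evidence and should be weighed together with the sandbox behaviour in the process list.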

Antivirus Threat
Bkav W32.AIDetectMalware
Process list

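List of processes spawned by this sample during execution. Of note for triage: the installer invokes netsh to add an inbound-allow Windows Firewall rule named "AriseLegionLauncher" for the installed executable, and more than half of the entries are WerFault.exe crash handlers for the launcher and its child processes.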

Process
uid
00000000-00002400
name
ARISE-LEGION-Setup-v1.0.0.exe
normalizedpath
C:\ARISE-LEGION-Setup-v1.0.0.exe
sha256
091cbb97f2ec8f23a4203783e630fe98dee25939ded7b8132268cdcf9242609f
uid
00000000-00002416
commandline
/SL5="$40342,79216143,902144,C:\ARISE-LEGION-Setup-v1.0.0.exe"
name
ARISE-LEGION-Setup-v1.0.0.tmp
normalizedpath
%TEMP%\is-69401.tmp\ARISE-LEGION-Setup-v1.0.0.tmp
sha256
4fb7a6cee0f7f97ebebd816a3332a90f45c1839af9d2d38f61bde8568fa91cb4
uid
00000000-00004548
commandline
"netsh" advfirewall firewall add rule name="AriseLegionLauncher" dir=in action=allow program="%PROGRAMFILES%\AriseLegionLauncher\ARISE LEGION.exe" enable=yes
name
netsh.exe
normalizedpath
%WINDIR%\system32\netsh.exe
sha256
41100c756bc97ffca70a69d18c4440d446bad9a876ff4f3d52210dd0bdaee014
uid
00000000-00000196
name
ARISE LEGION.exe
normalizedpath
%PROGRAMFILES%\AriseLegionLauncher\ARISE LEGION.exe
sha256
387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b
uid
00000000-00003304
commandline
--type=gpu-process --user-data-dir="%APPDATA%\arise-legion" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1604 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
name
ARISE LEGION.exe
normalizedpath
%PROGRAMFILES%\AriseLegionLauncher\ARISE LEGION.exe
sha256
387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b
uid
00000000-00000008
commandline
-u -p 3304 -s 160
name
WerFault.exe
normalizedpath
%WINDIR%\system32\WerFault.exe
sha256
0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe
uid
00000000-00003332
commandline
--type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="%APPDATA%\arise-legion" --mojo-platform-channel-handle=2756 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
name
ARISE LEGION.exe
normalizedpath
%PROGRAMFILES%\AriseLegionLauncher\ARISE LEGION.exe
sha256
387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b
uid
00000000-00007876
commandline
--type=renderer --user-data-dir="%APPDATA%\arise-legion" --app-path="%PROGRAMFILES%\AriseLegionLauncher\resources\app.asar" --enable-sandbox --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --time-ticks-at-unix-epoch=-1752790896764928 --launch-time-ticks=2424913727 --mojo-platform-channel-handle=2860 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:1
name
ARISE LEGION.exe
normalizedpath
%PROGRAMFILES%\AriseLegionLauncher\ARISE LEGION.exe
sha256
387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b
uid
00000000-00004808
commandline
-u -p 7876 -s 404
name
WerFault.exe
normalizedpath
%WINDIR%\system32\WerFault.exe
sha256
0476d175606aac098363c328166a33f85b7efc2d0be82c0d80ba406113affbfe
uid
00000000-00003336
commandline
--type=gpu-process --user-data-dir="%APPDATA%\arise-legion" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2824 --field-trial-handle=1620,i,15154716131968568183,4020282968412909969,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
name
ARISE LEGION.exe
normalizedpath
%PROGRAMFILES%\AriseLegionLauncher\ARISE LEGION.exe
sha256
387b70c0b83d6cf68392d70118540401d5aee25a182f8f9a995178124700871b
Showing processes 1 – 10 of 38; the complete list is in the "process_list" array of the API response above.