What is launcher.exe?

launcher.exe is part of Opera Internet Browser and developed by Opera Software according to the launcher.exe version information.

launcher.exe's description is "Opera Internet Browser"

launcher.exe is digitally signed by Opera Software AS.

launcher.exe is usually located in the 'C:\Program Files\Opera\' folder.

None of the anti-virus scanners at VirusTotal reports anything malicious about launcher.exe.

If you have additional information about the file, please share it with the FreeFixer users by posting a comment at the bottom of this page.

Vendor and version information [?]

The following is the available information on launcher.exe:

PropertyValue
Product nameOpera Internet Browser
Company nameOpera Software
File descriptionOpera Internet Browser
Internal nameOpera
Legal copyrightCopyright Opera Software 2020
Product version66.0.3515.72
File version66.0.3515.72

Here's a screenshot of the file properties when displayed by Windows Explorer:

Product nameOpera Internet Browser
Company nameOpera Software
File descriptionOpera Internet Browser
Internal nameOpera
Legal copyrightCopyright Opera Software 2020
Product version66.0.3515.72
File version66.0.3515.72

Digital signatures [?]

launcher.exe has a valid digital signature.

PropertyValue
Signer nameOpera Software AS
Certificate issuer nameDigiCert EV Code Signing CA (SHA2)
Certificate serial number05f4210db2b283a32ff2aed29fcb68a4

VirusTotal report

None of the 73 anti-virus programs at VirusTotal detected the launcher.exe file.

None of the 73 anti-virus programs detected the launcher.exe file.

Sandbox Report

The following information was gathered by executing the file inside Cuckoo Sandbox.

Summary

Successfully executed process in sandbox.

Summary

{
    "dll_loaded": [
        "kernel32"
    ],
    "file_failed": [
        "C:\\Users\\cuck\\AppData\\Local\\Temp\\installation_status.json"
    ],
    "regkey_opened": [
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MPlayer2",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AddressBook",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SchedulingAgent",
        "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Fontcore",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Connection Manager",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE5BAKEX",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE40",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MozillaMaintenanceService",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IEData",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DirectDrawEx",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Mozilla Firefox 60.0.2 (x86 sv-SE)",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WIC",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0398A685-FD8D-46B3-9816-C47319B0CF5f}",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE4Data",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MobileOptionPack",
        "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DXM_Runtime",
        "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion"
    ],
    "file_exists": [
        "C:\\Users\\cuck\\AppData\\Local\\Temp",
        "C:\\Users\\cuck\\AppData\\Local\\Temp\\opera.exe",
        "C:\\Users\\cuck\\AppData\\Local\\Temp\\installation_status.xml",
        "C:\\Users\\cuck\\AppData\\Local\\Temp\\66.0.3515.72\\opera.exe",
        "C:\\Users\\cuck\\AppData\\Local\\Temp\\installation_status.json"
    ],
    "regkey_read": [
        "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\UBR",
        "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\GRE_Initialize\\DisableMetaFiles",
        "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ReleaseId"
    ],
    "directory_enumerated": [
        "C:\\Users\\cuck\\AppData\\Local\\Temp\\old_status\\*",
        "C:\\Users\\cuck\\AppData\\Local\\Temp\\*"
    ]
}

Generic

[
    {
        "process_path": "C:\\Users\\cuck\\AppData\\Local\\Temp\\e97d94728039cc365829d5b8dbb3c3c2dec163a40caf1792c1b3d2827b3e1024.bin",
        "process_name": "e97d94728039cc365829d5b8dbb3c3c2dec163a40caf1792c1b3d2827b3e1024.bin",
        "pid": 1664,
        "summary": {
            "dll_loaded": [
                "kernel32"
            ],
            "file_failed": [
                "C:\\Users\\cuck\\AppData\\Local\\Temp\\installation_status.json"
            ],
            "regkey_opened": [
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MPlayer2",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AddressBook",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SchedulingAgent",
                "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Fontcore",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Connection Manager",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE5BAKEX",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE40",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MozillaMaintenanceService",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IEData",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DirectDrawEx",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Mozilla Firefox 60.0.2 (x86 sv-SE)",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WIC",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0398A685-FD8D-46B3-9816-C47319B0CF5f}",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE4Data",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MobileOptionPack",
                "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DXM_Runtime",
                "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion"
            ],
            "file_exists": [
                "C:\\Users\\cuck\\AppData\\Local\\Temp",
                "C:\\Users\\cuck\\AppData\\Local\\Temp\\opera.exe",
                "C:\\Users\\cuck\\AppData\\Local\\Temp\\installation_status.xml",
                "C:\\Users\\cuck\\AppData\\Local\\Temp\\66.0.3515.72\\opera.exe",
                "C:\\Users\\cuck\\AppData\\Local\\Temp\\installation_status.json"
            ],
            "regkey_read": [
                "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\UBR",
                "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\GRE_Initialize\\DisableMetaFiles",
                "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ReleaseId"
            ],
            "directory_enumerated": [
                "C:\\Users\\cuck\\AppData\\Local\\Temp\\old_status\\*",
                "C:\\Users\\cuck\\AppData\\Local\\Temp\\*"
            ]
        },
        "first_seen": 1581169989.53125,
        "ppid": 2448
    },
    {
        "process_path": "C:\\Windows\\System32\\lsass.exe",
        "process_name": "lsass.exe",
        "pid": 476,
        "summary": {},
        "first_seen": 1581169989.3125,
        "ppid": 376
    }
]

Signatures

[
    {
        "markcount": 1,
        "families": [],
        "description": "This executable has a PDB path",
        "severity": 1,
        "marks": [
            {
                "category": "pdb_path",
                "ioc": "launcher.exe.pdb",
                "type": "ioc",
                "description": null
            }
        ],
        "references": [],
        "name": "has_pdb"
    },
    {
        "markcount": 5,
        "families": [],
        "description": "The executable contains unknown PE section names indicative of a packer (could be a false positive)",
        "severity": 1,
        "marks": [
            {
                "category": "section",
                "ioc": ".00cfg",
                "type": "ioc",
                "description": null
            },
            {
                "category": "section",
                "ioc": ".retplne",
                "type": "ioc",
                "description": null
            },
            {
                "category": "section",
                "ioc": "CPADinfo",
                "type": "ioc",
                "description": null
            },
            {
                "category": "section",
                "ioc": "_RDATA",
                "type": "ioc",
                "description": null
            },
            {
                "category": "section",
                "ioc": "prot",
                "type": "ioc",
                "description": null
            }
        ],
        "references": [],
        "name": "pe_features"
    },
    {
        "markcount": 2,
        "families": [],
        "description": "The file contains an unknown PE resource name possibly indicative of a packer",
        "severity": 1,
        "marks": [
            {
                "category": "resource name",
                "ioc": "PNG",
                "type": "ioc",
                "description": null
            },
            {
                "category": "resource name",
                "ioc": "TXT",
                "type": "ioc",
                "description": null
            }
        ],
        "references": [],
        "name": "pe_unknown_resource_name"
    },
    {
        "markcount": 45,
        "families": [],
        "description": "Foreign language identified in PE resource",
        "severity": 2,
        "marks": [
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            },
            {
                "name": "RT_STRING",
                "language": "LANG_SERBIAN",
                "offset": "0x00180c60",
                "filetype": "data",
                "sublanguage": "SUBLANG_SERBIAN_CYRILLIC",
                "type": "generic",
                "size": "0x000001be"
            }
        ],
        "references": [],
        "name": "origin_langid"
    },
    {
        "markcount": 33,
        "families": [],
        "description": "Queries for potentially installed applications",
        "severity": 2,
        "marks": [
            {
                "call": {
                    "category": "registry",
                    "status": 0,
                    "stacktrace": [],
                    "last_error": 0,
                    "nt_status": -1073741772,
                    "api": "RegOpenKeyExW",
                    "return_value": 2,
                    "arguments": {
                        "access": "0x00020019",
                        "base_handle": "0xffffffff80000001",
                        "key_handle": "0x0000000000000000",
                        "regkey": "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 103
            },
            {
                "call": {
                    "category": "registry",
                    "status": 0,
                    "stacktrace": [],
                    "last_error": 0,
                    "nt_status": -1073741772,
                    "api": "RegOpenKeyExW",
                    "return_value": 2,
                    "arguments": {
                        "access": "0x00020019",
                        "base_handle": "0xffffffff80000001",
                        "key_handle": "0x0000000000000000",
                        "regkey": "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 104
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e0",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 111
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e4",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 112
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AddressBook",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AddressBook",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 114
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Connection Manager",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Connection Manager",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 116
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DirectDrawEx",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DirectDrawEx",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 119
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DXM_Runtime",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DXM_Runtime",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 122
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Fontcore",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Fontcore",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 125
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE40",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE40",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 128
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE4Data",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE4Data",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 131
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE5BAKEX",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE5BAKEX",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 134
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IEData",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IEData",
                        "options": 0
                    },
                    "time": 1581169560.206519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 137
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MobileOptionPack",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MobileOptionPack",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 140
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MozillaMaintenanceService",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MozillaMaintenanceService",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 143
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MPlayer2",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MPlayer2",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 146
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SchedulingAgent",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SchedulingAgent",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 149
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WIC",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WIC",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 152
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020119",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0398A685-FD8D-46B3-9816-C47319B0CF5f}",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{0398A685-FD8D-46B3-9816-C47319B0CF5f}",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 155
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e0",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 161
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e4",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 162
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AddressBook",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AddressBook",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 164
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Connection Manager",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Connection Manager",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 166
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DirectDrawEx",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\DirectDrawEx",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 169
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Fontcore",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Fontcore",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 172
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE40",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE40",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 175
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE4Data",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE4Data",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 178
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE5BAKEX",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IE5BAKEX",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 181
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IEData",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\IEData",
                        "options": 0
                    },
                    "time": 1581169560.222519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 184
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MobileOptionPack",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MobileOptionPack",
                        "options": 0
                    },
                    "time": 1581169560.238519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 187
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Mozilla Firefox 60.0.2 (x86 sv-SE)",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Mozilla Firefox 60.0.2 (x86 sv-SE)",
                        "options": 0
                    },
                    "time": 1581169560.238519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 190
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000e8",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SchedulingAgent",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SchedulingAgent",
                        "options": 0
                    },
                    "time": 1581169560.238519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 193
            },
            {
                "call": {
                    "category": "registry",
                    "status": 1,
                    "stacktrace": [],
                    "api": "RegOpenKeyExW",
                    "return_value": 0,
                    "arguments": {
                        "access": "0x00020219",
                        "base_handle": "0xffffffff80000002",
                        "key_handle": "0x00000000000000ec",
                        "regkey": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WIC",
                        "regkey_r": "Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WIC",
                        "options": 0
                    },
                    "time": 1581169560.238519,
                    "tid": 2736,
                    "flags": {}
                },
                "pid": 1664,
                "type": "call",
                "cid": 196
            }
        ],
        "references": [],
        "name": "queries_programs"
    }
]

Yara

The Yara rules did not detect anything in the file.

Network

{
    "tls": [],
    "udp": [
        {
            "src": "192.168.56.101",
            "dst": "192.168.56.255",
            "offset": 546,
            "time": 3.0784780979156494,
            "dport": 137,
            "sport": 137
        },
        {
            "src": "192.168.56.101",
            "dst": "224.0.0.252",
            "offset": 2018,
            "time": 3.018177032470703,
            "dport": 5355,
            "sport": 51001
        },
        {
            "src": "192.168.56.101",
            "dst": "224.0.0.252",
            "offset": 2346,
            "time": 1.0152809619903564,
            "dport": 5355,
            "sport": 53595
        },
        {
            "src": "192.168.56.101",
            "dst": "224.0.0.252",
            "offset": 2674,
            "time": 3.030221939086914,
            "dport": 5355,
            "sport": 53848
        },
        {
            "src": "192.168.56.101",
            "dst": "224.0.0.252",
            "offset": 3002,
            "time": 1.5183970928192139,
            "dport": 5355,
            "sport": 54255
        },
        {
            "src": "192.168.56.101",
            "dst": "224.0.0.252",
            "offset": 3330,
            "time": -0.09844303131103516,
            "dport": 5355,
            "sport": 55314
        },
        {
            "src": "192.168.56.101",
            "dst": "239.255.255.250",
            "offset": 3658,
            "time": 1.5315930843353271,
            "dport": 1900,
            "sport": 1900
        },
        {
            "src": "192.168.56.101",
            "dst": "239.255.255.250",
            "offset": 6986,
            "time": 1.0366120338439941,
            "dport": 3702,
            "sport": 49152
        },
        {
            "src": "192.168.56.101",
            "dst": "239.255.255.250",
            "offset": 11178,
            "time": 3.1101930141448975,
            "dport": 1900,
            "sport": 53598
        }
    ],
    "dns_servers": [],
    "http": [],
    "icmp": [],
    "smtp": [],
    "tcp": [],
    "smtp_ex": [],
    "mitm": [],
    "hosts": [],
    "pcap_sha256": "d18f211168351278b07892fa2d5622b0d280e7a8307faf4ae0fc8c68cf7fae5d",
    "dns": [],
    "http_ex": [],
    "domains": [],
    "dead_hosts": [],
    "sorted_pcap_sha256": "0404c8b2c0a0775dfbf5144c56c96c803c7586a5a4a6f89d039e146d63735022",
    "irc": [],
    "https_ex": []
}

Screenshots

Screenshot from the sandbox

Folder name variants

launcher.exe may also be located in other folders than C:\Program Files\Opera\. The most common variants are listed below:

Other files also named launcher.exe

launcher.exe (201 votes)

Hashes [?]

PropertyValue
MD5d0de0f9ee59a2ff4fa8fa76e02425375
SHA256e97d94728039cc365829d5b8dbb3c3c2dec163a40caf1792c1b3d2827b3e1024

Error Messages

These are some of the error messages that can appear related to launcher.exe:

launcher.exe has encountered a problem and needs to close. We are sorry for the inconvenience.

launcher.exe - Application Error. The instruction at "0xXXXXXXXX" referenced memory at "0xXXXXXXXX". The memory could not be "read/written". Click on OK to terminate the program.

Opera Internet Browser has stopped working.

End Program - launcher.exe. This program is not responding.

launcher.exe is not a valid Win32 application.

launcher.exe - Application Error. The application failed to initialize properly (0xXXXXXXXX). Click OK to terminate the application.

What will you do with launcher.exe?

To help other users, please let us know what you will do with launcher.exe:



Malware or legitimate?

If you feel that you need more information to determine if your should keep this file or remove it, please read this guide.

Please select the option that best describe your thoughts on the information provided on this web page


Free online surveys

And now some shameless self promotion ;)

A screenshot of FreeFixer's scan result.Hi, my name is Roger Karlsson. I've been running this website since 2006. I want to let you know about the FreeFixer program. FreeFixer is a freeware tool that analyzes your system and let you manually identify unwanted programs. Once you've identified some malware files, FreeFixer is pretty good at removing them. You can download FreeFixer here. It runs on Windows 2000/XP/2003/2008/2016/2019/Vista/7/8/8.1/10. Supports both 32- and 64-bit Windows.

If you have questions, feedback on FreeFixer or the freefixer.com website, need help analyzing FreeFixer's scan result or just want to say hello, please contact me. You can find my email address at the contact page.

Comments

Please share with the other users what you think about this file. What does this file do? Is it legitimate or something that your computer is better without? Do you know how it was installed on your system? Did you install it yourself or did it come bundled with some other software? Is it running smoothly or do you get some error message? Any information that will help to document this file is welcome. Thank you for your contributions.

I'm reading all new comments so don't hesitate to post a question about the file. If I don't have the answer perhaps another user can help you.

No comments posted yet.

Leave a reply