Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Act I - Ve...da.exe

windows7-x64

1

Act I - Ve...da.exe

windows10-2004-x64

1

Act I - Ve...m.html

windows7-x64

1

Act I - Ve...m.html

windows10-2004-x64

1

Act I - Ve...47.dll

windows7-x64

3

Act I - Ve...47.dll

windows10-2004-x64

1

Act I - Ve...eg.dll

windows7-x64

1

Act I - Ve...eg.dll

windows10-2004-x64

1

Act I - Ve...GL.dll

windows7-x64

1

Act I - Ve...GL.dll

windows10-2004-x64

1

Act I - Ve...v2.dll

windows7-x64

3

Act I - Ve...v2.dll

windows10-2004-x64

3

Act I - Ve...lob.js

windows7-x64

1

Act I - Ve...lob.js

windows10-2004-x64

1

Act I - Ve...ron.js

windows7-x64

1

Act I - Ve...ron.js

windows10-2004-x64

1

Act I - Ve...GL.dll

windows7-x64

1

Act I - Ve...GL.dll

windows10-2004-x64

1

Act I - Ve...v2.dll

windows7-x64

1

Act I - Ve...v2.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/07/2023, 06:54 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Act I - Veda/natives_blob.js

  • Size

    81KB

  • MD5

    e350965916554e65a47305a6ab27c2ba

  • SHA1

    9d60e499a907811a3155e9a07f8645d6c83cb909

  • SHA256

    1cae202ada016cf455abf69d583524a1d37a1371ad4efdfac4baed07c6402bdd

  • SHA512

    c6044b769a00f887b573ad35a7f5b71f6134d2d596a54effa50710be2f528acefea53ae4a2847e16c1b4e56962d8b0fe24f1ea4a04bfe167514b0abddb4fb5a8

  • SSDEEP

    1536:+bz4Oif2sMnL8gDpKD0rrr/4or06mGsY3csV3/EBSee0fHVvJ4TGD3zT+2xeiug5:+bz4Oif2sMHEBSx0fHVvOT6jTTeitwV8

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe "C:\Users\Admin\AppData\Local\Temp\Act I - Veda\natives_blob.js"
    1⤵
      PID:1568

    Network

    • flag-us
      DNS
      146.78.124.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      146.78.124.51.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      240.81.21.72.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      240.81.21.72.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      71.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      71.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      59.128.231.4.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      59.128.231.4.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      86.23.85.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      86.23.85.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      56.126.166.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      56.126.166.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      57.169.31.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      57.169.31.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      200.74.101.95.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      200.74.101.95.in-addr.arpa
      IN PTR
      Response
      200.74.101.95.in-addr.arpa
      IN PTR
      a95-101-74-200deploystaticakamaitechnologiescom
    • flag-us
      DNS
      89.65.42.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      89.65.42.20.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      146.78.124.51.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      146.78.124.51.in-addr.arpa

    • 8.8.8.8:53
      240.81.21.72.in-addr.arpa
      dns
      71 B
       142 B
       1
      1

      DNS Request

      240.81.21.72.in-addr.arpa

    • 8.8.8.8:53
      71.159.190.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      71.159.190.20.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      59.128.231.4.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      59.128.231.4.in-addr.arpa

    • 8.8.8.8:53
      86.23.85.13.in-addr.arpa
      dns
      70 B
       144 B
       1
      1

      DNS Request

      86.23.85.13.in-addr.arpa

    • 8.8.8.8:53
      56.126.166.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      56.126.166.20.in-addr.arpa

    • 8.8.8.8:53
      57.169.31.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      57.169.31.20.in-addr.arpa

    • 8.8.8.8:53
      200.74.101.95.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      200.74.101.95.in-addr.arpa

    • 8.8.8.8:53
      89.65.42.20.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      89.65.42.20.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.