
Resubmissions

  • 12/10/2023, 15:10 UTC: 231012-sjz66sff3x (8)
  • 12/10/2023, 15:01 UTC: 231012-sd7ztsfa8z (8)
  • 12/10/2023, 14:56 UTC: 231012-sbb5daha86 (8)
  • 12/10/2023, 14:52 UTC: 231012-r8xlxaef2z (8)
  • 12/10/2023, 14:50 UTC: 231012-r7w9raee9v (8)
  • 12/10/2023, 14:46 UTC: 231012-r5k4psed8v (8)

Analysis

  • max time kernel
    610458s
  • max time network
    152s
  • platform
    android_x64
  • resource
    android-x64-20230831-en
  • resource tags
    android, arch:x64, arch:x86, image:android-x64-20230831-en, locale:en-us, os:android-10-x64, system
  • submitted
    12/10/2023, 14:52 UTC

General

  • Target

    https://www.google.com/amp/s/sevenlionscapital.com/time/money/mnfcmb/otto.erni@volvo.com

Score
5/10

Malware Config

Signatures

  • Removes a system notification. 1 IoCs

Processes

  • com.android.chrome (PID: 4975)
    • Removes a system notification.

Network

  • flag-nl
    POST
    https://update.googleapis.com/service/update2
    Remote address:
    142.251.36.3:443
    Request
    POST /service/update2 HTTP/1.1
    Content-Length: 661
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Dalvik/2.1.0 (Linux; U; Android 10; Pixel 2 Build/QSR1.210802.001)
    Host: update.googleapis.com
    Connection: Keep-Alive
    Accept-Encoding: gzip
    Response
    HTTP/1.1 200 OK
    Content-Security-Policy: script-src 'report-sample' 'nonce-0STuUF6-Yrx7v1DLhfq3eA' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 12 Oct 2023 14:53:26 GMT
    Content-Type: text/xml; charset=UTF-8
    X-Daynum: 6128
    X-Daystart: 28406
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    POST
    https://update.googleapis.com/service/update2
    Remote address:
    142.251.36.3:443
    Request
    POST /service/update2 HTTP/1.1
    Content-Length: 655
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Dalvik/2.1.0 (Linux; U; Android 10; Pixel 2 Build/QSR1.210802.001)
    Host: update.googleapis.com
    Connection: Keep-Alive
    Accept-Encoding: gzip
    Response
    HTTP/1.1 200 OK
    Content-Security-Policy: script-src 'report-sample' 'nonce-kWh4ars1EMrEDaBPBngrvg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 12 Oct 2023 14:53:26 GMT
    Content-Type: text/xml; charset=UTF-8
    X-Daynum: 6128
    X-Daystart: 28406
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked

MITRE ATT&CK Matrix
