Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
3Static
static
3CPLApplet.dll
windows10-2004-x64
1Hidden CPL...ed.exe
windows10-2004-x64
1Stub/CPLApplet.dll
windows10-2004-x64
1Stub/CPLAp...is.vbs
windows10-2004-x64
1Stub/CPLAp...et.dll
windows10-2004-x64
1Stub/CPLAp...er.vbs
windows10-2004-x64
1Stub/CPLAp...es.vbs
windows10-2004-x64
1Stub/CPLAp...er.vbs
windows10-2004-x64
1Stub/CPLAp...st.vbs
windows10-2004-x64
1Stub/Offli...is.vbs
windows10-2004-x64
1Stub/Offli...et.dll
windows10-2004-x64
1Stub/Offli...er.vbs
windows10-2004-x64
1Stub/SDKs/...et.dll
windows10-2004-x64
1Stub/SDKs/...rc.dll
windows10-2004-x64
1Stub/SDKs/...UI.dll
windows10-2004-x64
1Stub/SDKs/...rc.dll
windows10-2004-x64
1Stub/SDKs/...rc.dll
windows10-2004-x64
1Stub/SDKs/...rc.dll
windows10-2004-x64
1Stub/SDKs/...rc.dll
windows10-2004-x64
1Stub/SDKs/AxImp.exe
windows10-2004-x64
1Stub/SDKs/...et.dll
windows10-2004-x64
1Stub/SDKs/...gs.exe
windows10-2004-x64
1Stub/SDKs/...VW.exe
windows10-2004-x64
1Stub/SDKs/IlDasm.chm
windows10-2004-x64
1Stub/SDKs/...st.exe
windows10-2004-x64
1Stub/SDKs/...fy.exe
windows10-2004-x64
1Stub/SDKs/ResGen.exe
windows10-2004-x64
1Stub/SDKs/...te.exe
windows10-2004-x64
1Stub/SDKs/...al.exe
windows10-2004-x64
1Stub/SDKs/...dm.exe
windows10-2004-x64
1Stub/SDKs/Tracker.exe
windows10-2004-x64
1Stub/SDKs/...st.exe
windows10-2004-x64
1Analysis
-
max time kernel
79s -
max time network
101s -
platform
windows10-2004_x64 -
resource
win10v2004-20231023-en -
resource tags
arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system -
submitted
12/11/2023, 21:43 UTC
Static task
static1
Behavioral task
behavioral1
Sample
CPLApplet.dll
Resource
win10v2004-20231023-en
Behavioral task
behavioral2
Sample
Hidden CPLApplet Builder_Slayed_dotkill-cleaned.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral3
Sample
Stub/CPLApplet.dll
Resource
win10v2004-20231023-en
Behavioral task
behavioral4
Sample
Stub/CPLApplet/Analysis.vbs
Resource
win10v2004-20231023-en
Behavioral task
behavioral5
Sample
Stub/CPLApplet/CPLApplet.dll
Resource
win10v2004-20231025-en
Behavioral task
behavioral6
Sample
Stub/CPLApplet/Resources.Designer.vbs
Resource
win10v2004-20231023-en
Behavioral task
behavioral7
Sample
Stub/CPLApplet/Resources.vbs
Resource
win10v2004-20231023-en
Behavioral task
behavioral8
Sample
Stub/CPLApplet/Settings.Designer.vbs
Resource
win10v2004-20231025-en
Behavioral task
behavioral9
Sample
Stub/CPLApplet/Test.vbs
Resource
win10v2004-20231020-en
Behavioral task
behavioral10
Sample
Stub/Offline/Analysis.vbs
Resource
win10v2004-20231023-en
Behavioral task
behavioral11
Sample
Stub/Offline/CPLApplet.dll
Resource
win10v2004-20231020-en
Behavioral task
behavioral12
Sample
Stub/Offline/Resources.Designer.vbs
Resource
win10v2004-20231023-en
Behavioral task
behavioral13
Sample
Stub/SDKs/1033/CPLApplet.dll
Resource
win10v2004-20231020-en
Behavioral task
behavioral14
Sample
Stub/SDKs/1033/IlDasmrc.dll
Resource
win10v2004-20231023-en
Behavioral task
behavioral15
Sample
Stub/SDKs/1033/TrackerUI.dll
Resource
win10v2004-20231023-en
Behavioral task
behavioral16
Sample
Stub/SDKs/1033/flogvwrc.dll
Resource
win10v2004-20231023-en
Behavioral task
behavioral17
Sample
Stub/SDKs/1033/gacutlrc.dll
Resource
win10v2004-20231020-en
Behavioral task
behavioral18
Sample
Stub/SDKs/1033/pevrfyrc.dll
Resource
win10v2004-20231020-en
Behavioral task
behavioral19
Sample
Stub/SDKs/1033/snrc.dll
Resource
win10v2004-20231023-en
Behavioral task
behavioral20
Sample
Stub/SDKs/AxImp.exe
Resource
win10v2004-20231025-en
Behavioral task
behavioral21
Sample
Stub/SDKs/CPLApplet.dll
Resource
win10v2004-20231020-en
Behavioral task
behavioral22
Sample
Stub/SDKs/CorFlags.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral23
Sample
Stub/SDKs/FUSLOGVW.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral24
Sample
Stub/SDKs/IlDasm.chm
Resource
win10v2004-20231020-en
Behavioral task
behavioral25
Sample
Stub/SDKs/MSBuildTaskHost.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral26
Sample
Stub/SDKs/PEVerify.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral27
Sample
Stub/SDKs/ResGen.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral28
Sample
Stub/SDKs/SecAnnotate.exe
Resource
win10v2004-20231025-en
Behavioral task
behavioral29
Sample
Stub/SDKs/SqlMetal.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral30
Sample
Stub/SDKs/StoreAdm.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral31
Sample
Stub/SDKs/Tracker.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral32
Sample
Stub/SDKs/x64/MSBuildTaskHost.exe
Resource
win10v2004-20231020-en
General
-
Target
Stub/SDKs/1033/TrackerUI.dll
-
Size
22KB
-
MD5
0aa38010fc32780174009c5530925c40
-
SHA1
802a3933d4a401bdeae237d39beb24564e483913
-
SHA256
458a438434c49581b052fdcd0db5b1e21ca966e738440426963b24177ff9559b
-
SHA512
ce5d8cc7c7504baa3ffdbdf11dfcaa27df087e6bb13baaca4a04bce0fac32ee202dab42bc7cf52e8476dce05119714b7425b1f8db63b2eb89d91c940e5c39d39
-
SSDEEP
384:MXWD8WQTK78xJ8xClRAtkQG47h0GftpBjV4X3FtAHRN7LUklrhfbi:1jRG1iD6ALUOji
Malware Config
Signatures
Processes
Network
-
Remote address:8.8.8.8:53Request76.32.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request32.101.122.92.in-addr.arpaIN PTRResponse32.101.122.92.in-addr.arpaIN PTRa92-122-101-32deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request9.228.82.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request208.194.73.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request183.59.114.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request198.187.3.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request198.1.85.104.in-addr.arpaIN PTRResponse198.1.85.104.in-addr.arpaIN PTRa104-85-1-198deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request146.99.217.23.in-addr.arpaIN PTRResponse146.99.217.23.in-addr.arpaIN PTRa23-217-99-146deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request59.128.231.4.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request19.229.111.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request48.101.122.92.in-addr.arpaIN PTRResponse48.101.122.92.in-addr.arpaIN PTRa92-122-101-48deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requesttse1.mm.bing.netIN AResponsetse1.mm.bing.netIN CNAMEmm-mm.bing.net.trafficmanager.netmm-mm.bing.net.trafficmanager.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301336_1YOPPWPUT0SV8Y6UI&pid=21.2&w=1080&h=1920&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301336_1YOPPWPUT0SV8Y6UI&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 463918
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 57866F287F8649D9BC0546E815B9755B Ref B: DUS30EDGE0807 Ref C: 2023-11-12T21:49:01Z
date: Sun, 12 Nov 2023 21:49:01 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301656_1UF2NHYT5O10ODCQC&pid=21.2&w=1080&h=1920&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301656_1UF2NHYT5O10ODCQC&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 412317
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3DBE09B7F36748AFAFFDB2B60242AB2F Ref B: DUS30EDGE0807 Ref C: 2023-11-12T21:49:01Z
date: Sun, 12 Nov 2023 21:49:01 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317301247_1S6WRKLRED8BX987F&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317301247_1S6WRKLRED8BX987F&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 446570
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B13226353FE4FEAA8857EDFAC97BFD4 Ref B: DUS30EDGE0807 Ref C: 2023-11-12T21:49:01Z
date: Sun, 12 Nov 2023 21:49:01 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317300903_1I9D73EQ93UVAQQA3&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317300903_1I9D73EQ93UVAQQA3&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 563338
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF8EA136325D40E484142651035849C2 Ref B: DUS30EDGE0807 Ref C: 2023-11-12T21:49:01Z
date: Sun, 12 Nov 2023 21:49:01 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239317300938_116Z84FUP3EYXI7L6&pid=21.2&w=1920&h=1080&c=4Remote address:204.79.197.200:443RequestGET /th?id=OADD2.10239317300938_116Z84FUP3EYXI7L6&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 422514
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79177F475F24476799F5EE6CDFAEFB64 Ref B: DUS30EDGE0807 Ref C: 2023-11-12T21:49:01Z
date: Sun, 12 Nov 2023 21:49:01 GMT
-
1.2kB 8.3kB 15 14
-
1.2kB 8.3kB 15 14
-
204.79.197.200:443https://tse1.mm.bing.net/th?id=OADD2.10239317300938_116Z84FUP3EYXI7L6&pid=21.2&w=1920&h=1080&c=4tls, http287.3kB 2.4MB 1749 1746
HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301336_1YOPPWPUT0SV8Y6UI&pid=21.2&w=1080&h=1920&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301656_1UF2NHYT5O10ODCQC&pid=21.2&w=1080&h=1920&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317301247_1S6WRKLRED8BX987F&pid=21.2&w=1920&h=1080&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317300903_1I9D73EQ93UVAQQA3&pid=21.2&w=1920&h=1080&c=4HTTP Request
GET https://tse1.mm.bing.net/th?id=OADD2.10239317300938_116Z84FUP3EYXI7L6&pid=21.2&w=1920&h=1080&c=4HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200HTTP Response
200 -
1.2kB 8.3kB 15 14
-
1.2kB 8.3kB 15 14
-
71 B 157 B 1 1
DNS Request
76.32.126.40.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
32.101.122.92.in-addr.arpa
-
70 B 156 B 1 1
DNS Request
9.228.82.20.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
208.194.73.20.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
183.59.114.20.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
198.187.3.20.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
198.1.85.104.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
146.99.217.23.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
59.128.231.4.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
19.229.111.52.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
48.101.122.92.in-addr.arpa
-
62 B 173 B 1 1
DNS Request
tse1.mm.bing.net
DNS Response
204.79.197.20013.107.21.200