Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231020-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25/11/2023, 05:06 UTC

General

  • Target

    49c3559203112aab2a3500d6b8dadd618cbee1216dc77843a242147c97ce835c.exe

  • Size

    5.0MB

  • MD5

    80f730218e02701fb2c8927b96d95391

  • SHA1

    4f5ccd293d548262f37189f0788cbe5b61fb495e

  • SHA256

    49c3559203112aab2a3500d6b8dadd618cbee1216dc77843a242147c97ce835c

  • SHA512

    8d379e0ee1096fdfeb094dd75d989be3b39047ecf31f74b0ceb6336117279ff7252dfaacbe0ff851708bde385bc5a34a0fd03bdb597ab55639e70d15dc0bbb4d

  • SSDEEP

    49152:r56uL3pgrCEdMKPFotsgEBr6GjvzW+UBA3Gd7po52xWKQY2v2V6liK1uOCeXvpn1:r56utgpPFotBER/mQ32lUn

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\49c3559203112aab2a3500d6b8dadd618cbee1216dc77843a242147c97ce835c.exe
    "C:\Users\Admin\AppData\Local\Temp\49c3559203112aab2a3500d6b8dadd618cbee1216dc77843a242147c97ce835c.exe"
    1⤵
      PID:3344

    Network

    • 52.219.109.169:443
      s3.us-east-2.amazonaws.com
      tls
      49c3559203112aab2a3500d6b8dadd618cbee1216dc77843a242147c97ce835c.exe
      1.2kB
      7.8kB
      15
      18

    MITRE ATT&CK Matrix
