Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
91s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system -
submitted
26/12/2023, 08:23 UTC
Static task
static1
Behavioral task
behavioral1
Sample
5f84d3d5674a3cdfade4eb5c61923fcf.js
Resource
win7-20231215-en
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
5f84d3d5674a3cdfade4eb5c61923fcf.js
Resource
win10v2004-20231222-en
0 signatures
150 seconds
General
-
Target
5f84d3d5674a3cdfade4eb5c61923fcf.js
-
Size
88KB
-
MD5
5f84d3d5674a3cdfade4eb5c61923fcf
-
SHA1
93bed2529efd7a3f7b6a9838525216e0aae4c159
-
SHA256
e099ee9920ec5120f53e85822b0f7a2feec0cb355d507d0bf9f9388aa732259f
-
SHA512
d3eb07776bdc47f250654d53b8c2ae3c64ce5dc4a2944099edb275c14f2868dfeeeb30b84c1c5e1aab59b0477d19d97bb442a517ca0fd5cf767f4450cd5135c3
-
SSDEEP
768:1Oj0qyH3JuRw8thCjqPVtwyV1VKCOv3myO63yCYwWrWJOZOu0EPNl8:o0vHTChCjsVtwyV1VKCOv3meyC6ZOh
Score
1/10
Malware Config
Signatures
Processes
Network
-
Remote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTRResponse8.8.8.8.in-addr.arpaIN PTRdnsgoogle
-
Remote address:8.8.8.8:53Requestg.bing.comIN AResponseg.bing.comIN CNAMEg-bing-com.a-0001.a-msedge.netg-bing-com.a-0001.a-msedge.netIN CNAMEdual-a-0001.a-msedge.netdual-a-0001.a-msedge.netIN A204.79.197.200dual-a-0001.a-msedge.netIN A13.107.21.200
-
GEThttps://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid=Remote address:204.79.197.200:443RequestGET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=09C6D82D250463AF3B3DCBD9242362C3; domain=.bing.com; expires=Mon, 20-Jan-2025 13:46:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B555B0B7D84A42A8A381A8DFAD32F741 Ref B: LON04EDGE0708 Ref C: 2023-12-27T13:46:50Z
date: Wed, 27 Dec 2023 13:46:50 GMT
-
GEThttps://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid=Remote address:204.79.197.200:443RequestGET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=09C6D82D250463AF3B3DCBD9242362C3
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=cB99AB-TZ5LDrSEtSgn4GkDsH-7J8cNjfP7REIzM9_E; domain=.bing.com; expires=Mon, 20-Jan-2025 13:46:51 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1D4690618C314B30B17A4B831BD205C2 Ref B: LON04EDGE0708 Ref C: 2023-12-27T13:46:51Z
date: Wed, 27 Dec 2023 13:46:50 GMT
-
GEThttps://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid=Remote address:204.79.197.200:443RequestGET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=09C6D82D250463AF3B3DCBD9242362C3; MSPTC=cB99AB-TZ5LDrSEtSgn4GkDsH-7J8cNjfP7REIzM9_E
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03A1508E219A40B4BA372DC050F40B5F Ref B: LON04EDGE0708 Ref C: 2023-12-27T13:46:51Z
date: Wed, 27 Dec 2023 13:46:50 GMT
-
Remote address:8.8.8.8:53Request4.181.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request194.178.17.96.in-addr.arpaIN PTRResponse194.178.17.96.in-addr.arpaIN PTRa96-17-178-194deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request241.154.82.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request41.110.16.96.in-addr.arpaIN PTRResponse41.110.16.96.in-addr.arpaIN PTRa96-16-110-41deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request45.19.74.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request50.23.12.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request198.187.3.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request198.187.3.20.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request18.134.221.88.in-addr.arpaIN PTRResponse18.134.221.88.in-addr.arpaIN PTRa88-221-134-18deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request218.135.221.88.in-addr.arpaIN PTRResponse218.135.221.88.in-addr.arpaIN PTRa88-221-135-218deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request19.229.111.52.in-addr.arpaIN PTRResponse
-
204.79.197.200:443https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid=tls, http22.0kB 9.4kB 21 18
HTTP Request
GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid=HTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid=HTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0d9f9b2b391a421e818a60a7de3f5048&localId=w:8DF2633F-10BE-C247-8B12-9A64CE5AE8FE&deviceId=6896190589629886&anid=HTTP Response
204
-
66 B 90 B 1 1
DNS Request
8.8.8.8.in-addr.arpa
-
56 B 158 B 1 1
DNS Request
g.bing.com
DNS Response
204.79.197.20013.107.21.200
-
71 B 157 B 1 1
DNS Request
4.181.190.20.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
194.178.17.96.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
241.154.82.20.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
41.110.16.96.in-addr.arpa
-
70 B 156 B 1 1
DNS Request
45.19.74.20.in-addr.arpa
-
73 B 144 B 1 1
DNS Request
95.221.229.192.in-addr.arpa
-
70 B 156 B 1 1
DNS Request
50.23.12.20.in-addr.arpa
-
142 B 157 B 2 1
DNS Request
198.187.3.20.in-addr.arpa
DNS Request
198.187.3.20.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
18.134.221.88.in-addr.arpa
-
73 B 139 B 1 1
DNS Request
218.135.221.88.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
19.229.111.52.in-addr.arpa