
Analysis

  • max time kernel
    148s
  • max time network
    129s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    30/12/2023, 01:37 UTC

General

  • Target

    0a51bea80154151ec8c65bb1a243e75e.exe

  • Size

    701KB

  • MD5

    0a51bea80154151ec8c65bb1a243e75e

  • SHA1

    6c21238a97ab90f6752968c8c8cd9474a1dfca69

  • SHA256

    0627d77cba5f1a8dc06f4d44a6438e756ba51bc212eb1ac03e09fcb0afd47647

  • SHA512

    ac048a57c75c250637300b7db1c3ba688d7d3c48b4ee2dd32cd116e5cc5540a7bf6fd9fcb8f59dd023dbb269a7bd1961f8031129fdff1c633e82a56ce1d247c5

  • SSDEEP

    12288:ZBwq6VFMFXpComESVXbTcUNUQ8Oog2cazH+jUv7wIHylWmFDwqJd/OT:/B6VF8C1ESVXboH9jVHF7wIHgHF3/OT

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\0a51bea80154151ec8c65bb1a243e75e.exe
    "C:\Users\Admin\AppData\Local\Temp\0a51bea80154151ec8c65bb1a243e75e.exe"
    PID: 2456

    Network

    • flag-us
      DNS
      23.177.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      23.177.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      2.136.104.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      2.136.104.51.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      211.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      211.178.17.96.in-addr.arpa
      IN PTR
      Response
      211.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-211deploystaticakamaitechnologiescom
    • flag-us
      DNS
      88.156.103.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.156.103.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      88.156.103.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.156.103.20.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      9.228.82.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      9.228.82.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      208.194.73.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      208.194.73.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      208.194.73.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      208.194.73.20.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      208.194.73.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      208.194.73.20.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      208.194.73.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      208.194.73.20.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      50.23.12.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.23.12.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      167.109.18.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      167.109.18.2.in-addr.arpa
      IN PTR
      Response
      167.109.18.2.in-addr.arpa
      IN PTR
      a2-18-109-167deploystaticakamaitechnologiescom
    • flag-us
      DNS
      241.154.82.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      241.154.82.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      198.187.3.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      198.187.3.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      18.134.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.134.221.88.in-addr.arpa
      IN PTR
      Response
      18.134.221.88.in-addr.arpa
      IN PTR
      a88-221-134-18deploystaticakamaitechnologiescom
    • flag-us
      DNS
      18.134.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.134.221.88.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      18.134.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.134.221.88.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      104.241.123.92.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      104.241.123.92.in-addr.arpa
      IN PTR
      Response
      104.241.123.92.in-addr.arpa
      IN PTR
      a92-123-241-104deploystaticakamaitechnologiescom
    • flag-us
      DNS
      104.241.123.92.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      104.241.123.92.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      119.110.54.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      119.110.54.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      193.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      193.178.17.96.in-addr.arpa
      IN PTR
      Response
      193.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-193deploystaticakamaitechnologiescom
    • flag-us
      DNS
      209.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.178.17.96.in-addr.arpa
      IN PTR
      Response
      209.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-209deploystaticakamaitechnologiescom
    • flag-us
      DNS
      211.135.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      211.135.221.88.in-addr.arpa
      IN PTR
      Response
      211.135.221.88.in-addr.arpa
      IN PTR
      a88-221-135-211deploystaticakamaitechnologiescom
    • flag-us
      DNS
      194.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      194.178.17.96.in-addr.arpa
      IN PTR
      Response
      194.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-194deploystaticakamaitechnologiescom
    • flag-us
      DNS
      Remote address:
      8.8.8.8:53
      Response
      194.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-194deploystaticakamaitechnologiescom
    • flag-us
      DNS
      55.36.223.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      55.36.223.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      55.36.223.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      55.36.223.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      204.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      204.178.17.96.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      204.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      204.178.17.96.in-addr.arpa
      IN PTR
    • 96.17.178.194:80
      92 B
      40 B
      2
      1
    • 96.17.178.194:80
      92 B
      40 B
      2
      1
    • 88.221.135.211:80
    • 88.221.135.217:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 20.223.35.26:443
    • 20.223.35.26:443
    • 20.223.35.26:443
    • 204.79.197.200:443
      tls
      864 B
      1.0kB
      7
      3
    • 204.79.197.200:443
      tls
      826 B
      649 B
      7
      5
    • 204.79.197.200:443
      tls
      826 B
      649 B
      7
      5
    • 204.79.197.200:443
      tls
      826 B
      649 B
      7
      5
    • 204.79.197.200:443
      tls
      4.8kB
      71.2kB
      62
      55
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 96.17.178.204:80
    • 88.221.135.217:80
    • 88.221.135.217:80
    • 88.221.135.217:80
    • 88.221.135.217:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 88.221.135.217:80
    • 88.221.135.217:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 88.221.135.217:80
    • 88.221.135.217:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 2.18.110.57:80
    • 138.91.171.81:80
    • 88.221.134.18:80
    • 88.221.134.18:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 88.221.134.18:80
    • 88.221.134.18:80
    • 96.17.178.211:80
    • 96.17.178.211:80
    • 88.221.134.18:80
    • 88.221.134.18:80
    • 20.189.173.1:443
    • 192.229.221.95:80
    • 96.17.178.173:80
    • 96.17.178.173:80
    • 96.17.178.173:80
    • 96.17.178.173:80
    • 2.18.110.57:80
    • 96.17.178.173:80
    • 8.8.8.8:53
      23.177.190.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      23.177.190.20.in-addr.arpa

    • 8.8.8.8:53
      2.136.104.51.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      2.136.104.51.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
      144 B
      1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      211.178.17.96.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      211.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      88.156.103.20.in-addr.arpa
      dns
      144 B
      158 B
      2
      1

      DNS Request

      88.156.103.20.in-addr.arpa

      DNS Request

      88.156.103.20.in-addr.arpa

    • 8.8.8.8:53
      9.228.82.20.in-addr.arpa
      dns
      70 B
      156 B
      1
      1

      DNS Request

      9.228.82.20.in-addr.arpa

    • 8.8.8.8:53
      208.194.73.20.in-addr.arpa
      dns
      288 B
      158 B
      4
      1

      DNS Request

      208.194.73.20.in-addr.arpa

      DNS Request

      208.194.73.20.in-addr.arpa

      DNS Request

      208.194.73.20.in-addr.arpa

      DNS Request

      208.194.73.20.in-addr.arpa

    • 8.8.8.8:53
      50.23.12.20.in-addr.arpa
      dns
      70 B
      156 B
      1
      1

      DNS Request

      50.23.12.20.in-addr.arpa

    • 8.8.8.8:53
      167.109.18.2.in-addr.arpa
      dns
      71 B
      135 B
      1
      1

      DNS Request

      167.109.18.2.in-addr.arpa

    • 8.8.8.8:53
      241.154.82.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      241.154.82.20.in-addr.arpa

    • 8.8.8.8:53
      198.187.3.20.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      198.187.3.20.in-addr.arpa

    • 8.8.8.8:53
      18.134.221.88.in-addr.arpa
      dns
      216 B
      137 B
      3
      1

      DNS Request

      18.134.221.88.in-addr.arpa

      DNS Request

      18.134.221.88.in-addr.arpa

      DNS Request

      18.134.221.88.in-addr.arpa

    • 8.8.8.8:53
      104.241.123.92.in-addr.arpa
      dns
      146 B
      139 B
      2
      1

      DNS Request

      104.241.123.92.in-addr.arpa

      DNS Request

      104.241.123.92.in-addr.arpa

    • 8.8.8.8:53
      119.110.54.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      119.110.54.20.in-addr.arpa

    • 8.8.8.8:53
      193.178.17.96.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      193.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      209.178.17.96.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      209.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      211.135.221.88.in-addr.arpa
      dns
      73 B
      139 B
      1
      1

      DNS Request

      211.135.221.88.in-addr.arpa

    • 8.8.8.8:53
      194.178.17.96.in-addr.arpa
      dns
      72 B
      274 B
      1
      2

      DNS Request

      194.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      55.36.223.20.in-addr.arpa
      dns
      142 B
      314 B
      2
      2

      DNS Request

      55.36.223.20.in-addr.arpa

      DNS Request

      55.36.223.20.in-addr.arpa

    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53
      204.178.17.96.in-addr.arpa
      dns
      144 B
      2

      DNS Request

      204.178.17.96.in-addr.arpa

      DNS Request

      204.178.17.96.in-addr.arpa

    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53
    • 8.8.8.8:53

    MITRE ATT&CK Matrix


    Downloads
