Analysis

  • max time kernel
    129s
  • max time network
    89s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    31/12/2023, 02:17 UTC

General

  • Target

    2437982be9be1a0a627d814c16ed277e.exe

  • Size

    40KB

  • MD5

    2437982be9be1a0a627d814c16ed277e

  • SHA1

    253d02e12357371c575a5efdc6727f6cf332e530

  • SHA256

    3075e9f767c153ccb8f6f5c19aaa8cce3628a40fe612f898b703368acc510252

  • SHA512

    ea6190d7112792f4fb11e135efa66d1ae06479fd14ad106dd9ffc38701d9ac0de008805245e4445a083db64f93b1ab00d9fc3b23542aa6afe297731da03f899d

  • SSDEEP

    384:iZiq6mZ3tlEJ5ZQxfp0ILlU+a8u0j57ifH12ZHwPhcqpQdCPmbfBxd2l7LC:fq6mdanRILlUl85t+YZGhNeBxds

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\2437982be9be1a0a627d814c16ed277e.exe
    "C:\Users\Admin\AppData\Local\Temp\2437982be9be1a0a627d814c16ed277e.exe"
    1⤵
      PID:3132

    Network

    • flag-us
      DNS
      19.177.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      19.177.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      0.204.248.87.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.204.248.87.in-addr.arpa
      IN PTR
      Response
      0.204.248.87.in-addr.arpa
      IN PTR
      https-87-248-204-0.lhr.llnw.net
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      208.194.73.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      208.194.73.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      205.47.74.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      205.47.74.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      Remote address:
      8.8.8.8:53
      Response
      18.134.221.88.in-addr.arpa
      IN PTR
      a88-221-134-18.deploy.static.akamaitechnologies.com
    • 88.221.134.18:80
      92 B
      40 B
      2
      1
    • 52.142.223.178:80
      52 B
      1
    • 8.8.8.8:53
      19.177.190.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      19.177.190.20.in-addr.arpa

    • 8.8.8.8:53
      0.204.248.87.in-addr.arpa
      dns
      71 B
      116 B
      1
      1

      DNS Request

      0.204.248.87.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
      144 B
      1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      208.194.73.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      208.194.73.20.in-addr.arpa

    • 8.8.8.8:53
      205.47.74.20.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      205.47.74.20.in-addr.arpa

    • 8.8.8.8:53
      dns
      137 B
      1

    MITRE ATT&CK Matrix

    Downloads

    • memory/3132-0-0x00000000000A0000-0x00000000000C0000-memory.dmp

      Filesize

      128KB

    • memory/3132-1-0x00000000000A0000-0x00000000000C0000-memory.dmp

      Filesize

      128KB
