Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

8a9b58dda0...b4.exe

windows7-x64

1

8a9b58dda0...b4.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    92s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/02/2024, 03:13 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a9b58dda00b9d042b64f9ac6f3984daacb2ee7336c5ca25a363f84f3b0082b4.exe

  • Size

    53KB

  • MD5

    141d3929774d61692a2e7e131fb9d1f0

  • SHA1

    5ce4b97e883c22b1821b83218b83e90385f8b079

  • SHA256

    8a9b58dda00b9d042b64f9ac6f3984daacb2ee7336c5ca25a363f84f3b0082b4

  • SHA512

    1770bb9f0cf2223fa8911e1035bf15775ee067a7cddb3766502ddb24369d3c22fcba78cbc97454de248fe047536ac1b459b14117f9fffe6dc68abf4d98677e97

  • SSDEEP

    768:h5DN+HMK88L9O+B9oArLiVz0bcHBbM4KElNm2Y6ejiaV7FPEHh51zF3CQ55ZwKw:hrrrH53FY65Hh5hFf55ZwKw

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\8a9b58dda00b9d042b64f9ac6f3984daacb2ee7336c5ca25a363f84f3b0082b4.exe
    "C:\Users\Admin\AppData\Local\Temp\8a9b58dda00b9d042b64f9ac6f3984daacb2ee7336c5ca25a363f84f3b0082b4.exe"
    1⤵
      PID:2532

    Network

    • flag-us
      DNS
      149.220.183.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      149.220.183.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      win32avemaria.com
      8a9b58dda00b9d042b64f9ac6f3984daacb2ee7336c5ca25a363f84f3b0082b4.exe
      Remote address:
      8.8.8.8:53
      Request
      win32avemaria.com
      IN A
      Response
    • flag-us
      DNS
      173.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      173.178.17.96.in-addr.arpa
      IN PTR
      Response
      173.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-173deploystaticakamaitechnologiescom
    • flag-us
      DNS
      136.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      136.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      28.118.140.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      28.118.140.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      103.169.127.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      103.169.127.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      171.39.242.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      171.39.242.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      240.221.184.93.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      240.221.184.93.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      48.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      48.229.111.52.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      149.220.183.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      149.220.183.52.in-addr.arpa

    • 8.8.8.8:53
      win32avemaria.com
      dns
      8a9b58dda00b9d042b64f9ac6f3984daacb2ee7336c5ca25a363f84f3b0082b4.exe
      63 B
       136 B
       1
      1

      DNS Request

      win32avemaria.com

    • 8.8.8.8:53
      173.178.17.96.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      173.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      136.32.126.40.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      136.32.126.40.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      28.118.140.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      28.118.140.52.in-addr.arpa

    • 8.8.8.8:53
      103.169.127.40.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      103.169.127.40.in-addr.arpa

    • 8.8.8.8:53
      171.39.242.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      171.39.242.20.in-addr.arpa

    • 8.8.8.8:53
      240.221.184.93.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      240.221.184.93.in-addr.arpa

    • 8.8.8.8:53
      48.229.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      48.229.111.52.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2532-1-0x0000000075250000-0x0000000075A00000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/2532-0-0x0000000000290000-0x00000000002A4000-memory.dmp

      Filesize

      80KB

      Download

    • memory/2532-2-0x0000000004BB0000-0x0000000004BCA000-memory.dmp

      Filesize

      104KB

      Download

    • memory/2532-3-0x0000000005300000-0x00000000058A4000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/2532-4-0x0000000004D50000-0x0000000004DE2000-memory.dmp

      Filesize

      584KB

      Download

    • memory/2532-5-0x0000000004F70000-0x0000000004F80000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2532-6-0x0000000004CD0000-0x0000000004CDA000-memory.dmp

      Filesize

      40KB

      Download

    • memory/2532-7-0x0000000005240000-0x00000000052DC000-memory.dmp

      Filesize

      624KB

      Download

    • memory/2532-8-0x0000000004F70000-0x0000000004F80000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2532-9-0x0000000075250000-0x0000000075A00000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/2532-10-0x0000000004F70000-0x0000000004F80000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2532-11-0x0000000004F70000-0x0000000004F80000-memory.dmp

      Filesize

      64KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.