Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

DroidCam_6.5.2.exe

windows7-x64

8

DroidCam_6.5.2.exe

windows10-2004-x64

8

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

DroidCamApp.exe

windows7-x64

1

DroidCamApp.exe

windows10-2004-x64

1

adb/AdbWinApi.dll

windows7-x64

3

adb/AdbWinApi.dll

windows10-2004-x64

3

adb/AdbWinUsbApi.dll

windows7-x64

1

adb/AdbWinUsbApi.dll

windows10-2004-x64

3

adb/adb.exe

windows7-x64

1

adb/adb.exe

windows10-2004-x64

1

lib/DroidC...32.dll

windows7-x64

1

lib/DroidC...32.dll

windows10-2004-x64

1

lib/insdrv.exe

windows7-x64

1

lib/insdrv.exe

windows10-2004-x64

1

plist.dll

windows7-x64

3

plist.dll

windows10-2004-x64

3

usbmuxd.dll

windows7-x64

1

usbmuxd.dll

windows10-2004-x64

1

vc_redist.x86.exe

windows7-x64

7

vc_redist.x86.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    114s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/02/2024, 16:20 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    adb/adb.exe

  • Size

    4.5MB

  • MD5

    3cb9f5e6fa7f2b9949f375f7f7ab2586

  • SHA1

    340a7e2a5b3ac0c3077b8cf7ab476ce0139c3f47

  • SHA256

    634ab9882b5427a245bd139e5b7a2b5d10b24c4b50506257b5404c01882ccc02

  • SHA512

    90132034b2076afab6253a17e3792f797fd888d5f1cdc47e399772bfb97de1567cbd0ea2fff253d232c97da2b4446e7ec7a96931a480675f60a338f2f24e8b12

  • SSDEEP

    49152:vcTKhBwmtIIt8U731BjvgVkJVBvZyBdcBeqOOYHKi3TuuByiPT5mj4yl264bJlck:vGTUI1U731BjnP4cBeHO9pu+GED/0+

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\adb\adb.exe
    "C:\Users\Admin\AppData\Local\Temp\adb\adb.exe"
    1⤵
      PID:5064

    Network

    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.a-0001.a-msedge.net
      g-bing-com.a-0001.a-msedge.net
      IN CNAME
      dual-a-0001.a-msedge.net
      dual-a-0001.a-msedge.net
      IN A
      204.79.197.200
      dual-a-0001.a-msedge.net
      IN A
      13.107.21.200
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid=
      Remote address:
      204.79.197.200:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=118CA43275B560F83ADDB01D74926125; domain=.bing.com; expires=Thu, 20-Mar-2025 16:20:48 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: CD8B1C8CC4884A81992A66CB1306F041 Ref B: LON04EDGE0606 Ref C: 2024-02-24T16:20:48Z
      date: Sat, 24 Feb 2024 16:20:48 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid=
      Remote address:
      204.79.197.200:443
      Request
      GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=118CA43275B560F83ADDB01D74926125
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=pubFqIV3NvoTtC3lCn2F3lXWznS5kNjFOEitojCGINE; domain=.bing.com; expires=Thu, 20-Mar-2025 16:20:48 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 725C545F00F545AF9C39B0F231C740F3 Ref B: LON04EDGE0606 Ref C: 2024-02-24T16:20:48Z
      date: Sat, 24 Feb 2024 16:20:48 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid=
      Remote address:
      204.79.197.200:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=118CA43275B560F83ADDB01D74926125; MSPTC=pubFqIV3NvoTtC3lCn2F3lXWznS5kNjFOEitojCGINE
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: D6BBD409EEB046F88287316A977D8B14 Ref B: LON04EDGE0606 Ref C: 2024-02-24T16:20:48Z
      date: Sat, 24 Feb 2024 16:20:48 GMT
    • flag-us
      DNS
      69.31.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      69.31.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      189.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      189.178.17.96.in-addr.arpa
      IN PTR
      Response
      189.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-189deploystaticakamaitechnologiescom
    • flag-us
      DNS
      9.228.82.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      9.228.82.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      88.156.103.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.156.103.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      41.110.16.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      41.110.16.96.in-addr.arpa
      IN PTR
      Response
      41.110.16.96.in-addr.arpa
      IN PTR
      a96-16-110-41deploystaticakamaitechnologiescom
    • flag-us
      DNS
      171.39.242.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      171.39.242.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      157.123.68.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      157.123.68.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      18.134.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.134.221.88.in-addr.arpa
      IN PTR
      Response
      18.134.221.88.in-addr.arpa
      IN PTR
      a88-221-134-18deploystaticakamaitechnologiescom
    • flag-us
      DNS
      173.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      173.178.17.96.in-addr.arpa
      IN PTR
      Response
      173.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-173deploystaticakamaitechnologiescom
    • flag-us
      DNS
      210.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      210.178.17.96.in-addr.arpa
      IN PTR
      Response
      210.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-210deploystaticakamaitechnologiescom
    • flag-us
      DNS
      23.236.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      23.236.111.52.in-addr.arpa
      IN PTR
      Response
    • 204.79.197.200:443
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid=
      tls, http2
      2.0kB
       9.2kB
       22
      19

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0a1fde58f827433999a043107320cf63&localId=w:867ED858-1D0A-6FCF-0145-C8B293C96788&deviceId=6966557280425084&anid=

      HTTP Response

      204
    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
       158 B
       1
      1

      DNS Request

      g.bing.com

      DNS Response

      204.79.197.200
      13.107.21.200

    • 8.8.8.8:53
      69.31.126.40.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      69.31.126.40.in-addr.arpa

    • 8.8.8.8:53
      189.178.17.96.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      189.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      9.228.82.20.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      9.228.82.20.in-addr.arpa

    • 8.8.8.8:53
      88.156.103.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      88.156.103.20.in-addr.arpa

    • 8.8.8.8:53
      41.110.16.96.in-addr.arpa
      dns
      71 B
       135 B
       1
      1

      DNS Request

      41.110.16.96.in-addr.arpa

    • 8.8.8.8:53
      157.123.68.40.in-addr.arpa
      dns
      72 B
       146 B
       1
      1

      DNS Request

      157.123.68.40.in-addr.arpa

    • 8.8.8.8:53
      171.39.242.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      171.39.242.20.in-addr.arpa

    • 8.8.8.8:53
      18.134.221.88.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      18.134.221.88.in-addr.arpa

    • 8.8.8.8:53
      173.178.17.96.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      173.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      210.178.17.96.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      210.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      23.236.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      23.236.111.52.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.