ef4e0e2593eaccc73632054c0244e858e1dc0bc1149cde36d74bf41fb03fddb4

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

www/backen...ate.sh

windows7-x64

www/backen...ate.sh

windows10-2004-x64

www/backen...ler.js

windows7-x64

www/backen...ler.js

windows10-2004-x64

www/backen...ler.js

windows7-x64

www/backen...ler.js

windows10-2004-x64

www/backen...ler.js

windows7-x64

www/backen...ler.js

windows10-2004-x64

www/backen...ler.js

windows7-x64

www/backen...ler.js

windows10-2004-x64

www/backen...rce.js

windows7-x64

www/backen...rce.js

windows10-2004-x64

www/backen...der.js

windows7-x64

www/backen...der.js

windows10-2004-x64

www/backen...ice.js

windows7-x64

www/backen...ice.js

windows10-2004-x64

www/backen...ice.js

windows7-x64

www/backen...ice.js

windows10-2004-x64

www/backend/artisan

ubuntu-18.04-amd64

www/backend/artisan

debian-9-armhf

www/backend/artisan

debian-9-mips

www/backend/artisan

debian-9-mipsel

www/backen...er.ps1

windows7-x64

www/backen...er.ps1

windows10-2004-x64

www/backen...l.html

windows7-x64

www/backen...l.html

windows10-2004-x64

www/backen...p.html

windows7-x64

www/backen...p.html

windows10-2004-x64

www/backen...e.html

windows7-x64

www/backen...e.html

windows10-2004-x64

www/backen...d.html

windows7-x64

www/backen...d.html

windows10-2004-x64

Analysis

max time kernel
2s
max time network
130s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
06/04/2024, 20:54 UTC

Sharing

Copy URL

Twitter E-mail

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

www/backend/23.02.2023-update.sh

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

www/backend/23.02.2023-update.sh

Resource

win10v2004-20240226-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

www/backend/app/Http/Controllers/Api/v1/AutoCommandsController.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

www/backend/app/Http/Controllers/Api/v1/AutoCommandsController.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

www/backend/app/Http/Controllers/Api/v1/Bot/BotInjectionController.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

www/backend/app/Http/Controllers/Api/v1/Bot/BotInjectionController.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

www/backend/app/Http/Controllers/Api/v1/LogController.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

www/backend/app/Http/Controllers/Api/v1/LogController.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

www/backend/app/Http/Controllers/Api/v1/UserController.js

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

www/backend/app/Http/Controllers/Api/v1/UserController.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

www/backend/app/Http/Resources/Bot/BotResource.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

www/backend/app/Http/Resources/Bot/BotResource.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

www/backend/app/Providers/RouteServiceProvider.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

www/backend/app/Providers/RouteServiceProvider.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

www/backend/app/Services/InjectionsService.js

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

www/backend/app/Services/InjectionsService.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

www/backend/app/Services/LogsService/LogsService.js

Resource

win7-20240319-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

www/backend/app/Services/LogsService/LogsService.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

www/backend/artisan

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

www/backend/artisan

Resource

debian9-armhf-20240226-en

debian-9-armhf

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

www/backend/artisan

Resource

debian9-mipsbe-20240226-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

www/backend/artisan

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

www/backend/database/seeders/RolesSeeder.ps1

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

www/backend/database/seeders/RolesSeeder.ps1

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

www/backend/public/injects/html/banks/ae.ahb.digital.html

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral26

Sample

www/backend/public/injects/html/banks/ae.ahb.digital.html

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral27

Sample

www/backend/public/injects/html/banks/ae.almasraf.mobileapp.html

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral28

Sample

www/backend/public/injects/html/banks/ae.almasraf.mobileapp.html

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral29

Sample

www/backend/public/injects/html/banks/ae.hsbc.hsbcuae.html

Resource

win7-20240319-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral30

Sample

www/backend/public/injects/html/banks/ae.hsbc.hsbcuae.html

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral31

Sample

www/backend/public/injects/html/banks/air.app.scb.breeze.android.main.my.prod.html

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral32

Sample

www/backend/public/injects/html/banks/air.app.scb.breeze.android.main.my.prod.html

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Report Analysis Logs

General

Target

www/backend/artisan
Size

1KB
MD5

9d88489831f90855deb8783a16c93408
SHA1

4e3b044dc634aeeb5133ded57e5e535fc52f2fbc
SHA256

f5645be808d32398cd215ef933c793d806ae56796190579dde4ca8888c584c1b
SHA512

5245655cd1b921e23224b03bfac1b555dba96400004a4fd8fef55a28a20338b943fda843770484be2f63e0a0eb1b501e658851c9b3cec3bb52cebb6fa0707a8a

Score

1^/10

Malware Config

Signatures

Processes

/tmp/www/backend/artisan
/tmp/www/backend/artisan
1⤵
PID:1556

/usr/local/sbin/php
php /tmp/www/backend/artisan
1⤵
PID:1556

/usr/local/bin/php
php /tmp/www/backend/artisan
1⤵
PID:1556

/usr/sbin/php
php /tmp/www/backend/artisan
1⤵
PID:1556

/usr/bin/php
php /tmp/www/backend/artisan
1⤵
PID:1556

/sbin/php
php /tmp/www/backend/artisan
1⤵
PID:1556

/bin/php
php /tmp/www/backend/artisan
1⤵
PID:1556

/snap/bin/php
php /tmp/www/backend/artisan
1⤵
PID:1556

Network

No results found

151.101.2.49:443

tls

127 B
40 B
2
1
185.125.188.61:443

tls

135 B
2
185.125.188.61:443

tls

135 B
2
151.101.193.91:443

tls, https

233 B
40 B
1
1
151.101.193.91:443

extensions.gnome.org

tls

4.7kB
223.4kB
81
174
195.181.164.21:443

tls, https

2.5kB
11

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.