Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Content.Wa...er.dll

windows7-x64

1

Content.Wa...er.dll

windows10-2004-x64

1

Content.Wa...ng.exe

windows7-x64

1

Content.Wa...ng.exe

windows10-2004-x64

1

Content.Wa...er.dll

windows7-x64

1

Content.Wa...er.dll

windows10-2004-x64

1

Content.Wa...ss.dll

windows7-x64

1

Content.Wa...ss.dll

windows10-2004-x64

1

Content.Wa...rp.dll

windows7-x64

1

Content.Wa...rp.dll

windows10-2004-x64

1

Content.Wa...rd.dll

windows7-x64

1

Content.Wa...rd.dll

windows10-2004-x64

1

Content.Wa.../H.dll

windows7-x64

1

Content.Wa.../H.dll

windows10-2004-x64

1

Content.Wa...me.dll

windows7-x64

1

Content.Wa...me.dll

windows10-2004-x64

1

Content.Wa...me.dll

windows7-x64

1

Content.Wa...me.dll

windows10-2004-x64

1

Content.Wa...it.dll

windows7-x64

1

Content.Wa...it.dll

windows10-2004-x64

1

Content.Wa...ty.dll

windows7-x64

1

Content.Wa...ty.dll

windows10-2004-x64

1

Content.Wa...on.dll

windows7-x64

1

Content.Wa...on.dll

windows10-2004-x64

1

Content.Wa...3D.dll

windows7-x64

1

Content.Wa...3D.dll

windows10-2004-x64

1

Content.Wa...at.dll

windows7-x64

1

Content.Wa...at.dll

windows10-2004-x64

1

Content.Wa...me.dll

windows7-x64

1

Content.Wa...me.dll

windows10-2004-x64

1

Content.Wa.../P.dll

windows7-x64

1

Content.Wa.../P.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    595s
  • max time network
    725s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/04/2024, 18:24 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Content.Warning.v1.9.b.Multiplayer/Content.Warning.v1.9.b.Multiplayer/Content Warning_Data/Managed/MeshSplit.dll

  • Size

    20KB

  • MD5

    69001639e30fe2bfaba35916017e388f

  • SHA1

    ea65696c0dd18b861486f33f543512525b1722ed

  • SHA256

    ee9d808ca951e113b188b63ab24f95159652354189dbd54584a70c5e6a70212c

  • SHA512

    9cb9efe86bbe8e3d30bbcede808bae5e6706283ff446f3bd1486b631b272185ac71e68d2921ebcc8040f11052af0cded6fe4e5e6f4d259d75b8d5091ffe4adbe

  • SSDEEP

    384:0T4MWNS6ecwBVt6MX/pw4aC5b0Tks0v1g9yIQHqj4:GvtVQIq4ambs0yQKj4

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Content.Warning.v1.9.b.Multiplayer\Content.Warning.v1.9.b.Multiplayer\Content Warning_Data\Managed\MeshSplit.dll",#1
    1⤵
      PID:3404
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4036 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:1872

      Network

      • flag-us
        DNS
        183.142.211.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        183.142.211.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        249.197.17.2.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        249.197.17.2.in-addr.arpa
        IN PTR
        Response
        249.197.17.2.in-addr.arpa
        IN PTR
        a2-17-197-249deploystaticakamaitechnologiescom
      • flag-us
        DNS
        103.169.127.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        103.169.127.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        198.187.3.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        198.187.3.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        99.58.20.217.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        99.58.20.217.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        95.221.229.192.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        95.221.229.192.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        67.31.126.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        67.31.126.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        5.173.189.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        5.173.189.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        5.173.189.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        5.173.189.20.in-addr.arpa
        IN PTR
      • flag-us
        DNS
        172.210.232.199.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        172.210.232.199.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        4.159.190.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        4.159.190.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        97.17.167.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        97.17.167.52.in-addr.arpa
        IN PTR
        Response
      • 142.250.200.42:443
        92 B
         40 B
         2
        1
      • 13.107.246.64:443
        92 B
         40 B
         2
        1
      • 8.8.8.8:53
        183.142.211.20.in-addr.arpa
        dns
        73 B
         159 B
         1
        1

        DNS Request

        183.142.211.20.in-addr.arpa

      • 8.8.8.8:53
        249.197.17.2.in-addr.arpa
        dns
        71 B
         135 B
         1
        1

        DNS Request

        249.197.17.2.in-addr.arpa

      • 8.8.8.8:53
        103.169.127.40.in-addr.arpa
        dns
        73 B
         147 B
         1
        1

        DNS Request

        103.169.127.40.in-addr.arpa

      • 8.8.8.8:53
        198.187.3.20.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        198.187.3.20.in-addr.arpa

      • 8.8.8.8:53
        99.58.20.217.in-addr.arpa
        dns
        71 B
         131 B
         1
        1

        DNS Request

        99.58.20.217.in-addr.arpa

      • 8.8.8.8:53
        95.221.229.192.in-addr.arpa
        dns
        73 B
         144 B
         1
        1

        DNS Request

        95.221.229.192.in-addr.arpa

      • 8.8.8.8:53
        67.31.126.40.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        67.31.126.40.in-addr.arpa

      • 8.8.8.8:53
        5.173.189.20.in-addr.arpa
        dns
        142 B
         157 B
         2
        1

        DNS Request

        5.173.189.20.in-addr.arpa

        DNS Request

        5.173.189.20.in-addr.arpa

      • 8.8.8.8:53
        172.210.232.199.in-addr.arpa
        dns
        74 B
         128 B
         1
        1

        DNS Request

        172.210.232.199.in-addr.arpa

      • 8.8.8.8:53
        4.159.190.20.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        4.159.190.20.in-addr.arpa

      • 8.8.8.8:53
        97.17.167.52.in-addr.arpa
        dns
        71 B
         145 B
         1
        1

        DNS Request

        97.17.167.52.in-addr.arpa

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.