Resubmissions

07/07/2024, 20:29 UTC

240707-y91taaxgjk 4

07/07/2024, 20:21 UTC

240707-y48lyaxflq 4

20/04/2024, 11:56 UTC

240420-n355bagg7x 4

Analysis

  • max time kernel
    141s
  • max time network
    163s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/04/2024, 11:56 UTC

General

  • Target

    $_26_/Auburn Sounds Graillon 2-64.dll

  • Size

    2.5MB

  • MD5

    9c517e37aed2a0466aac62ded29df6af

  • SHA1

    0385b97f7e65517088d3f203ba11de55f99e4e7d

  • SHA256

    bdd255cd980dcec364e93dfb86cb79a5f0d693753f4d0faff6f6b6c4c2424bb4

  • SHA512

    a582f527729243490bbedb0bc88fdfae5b657e9b5efed7e0bc8e53db10df61a432f3f97fe9396711d0e527bbc0a90913d5e7c2e8bc250524694b8a23f77f1665

  • SSDEEP

    49152:z4cnv7ZFpe+XZWVa6o6bF8YmbDVq7V0Y/U9+X8bfU8Nkz:pQaMb+YmbZqxsY/

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe (PID 3560)
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\$_26_\Auburn Sounds Graillon 2-64.dll",#1

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 2336)
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1312 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:8

      Network

      All DNS queries below were sent to 8.8.8.8:53 (the page marks the remote as US for every entry). "(no records)" means the resolver replied without answer records; "none" means no reply was recorded.

      Query                          Type     Response
      82.90.14.23.in-addr.arpa       PTR      a23-14-90-82.deploy.static.akamaitechnologies.com
      82.90.14.23.in-addr.arpa       PTR      none
      217.106.137.52.in-addr.arpa    PTR      (no records)
      217.106.137.52.in-addr.arpa    PTR      none
      50.23.12.20.in-addr.arpa       PTR      (no records)
      50.23.12.20.in-addr.arpa       PTR      none
      18.31.95.13.in-addr.arpa       PTR      (no records)
      65.139.73.23.in-addr.arpa      PTR      a23-73-139-65.deploy.static.akamaitechnologies.com
      0.159.190.20.in-addr.arpa      PTR      (no records)
      95.221.229.192.in-addr.arpa    PTR      (no records)
      95.221.229.192.in-addr.arpa    PTR      none
      11.227.111.52.in-addr.arpa     PTR      (no records)
      91.90.14.23.in-addr.arpa       PTR      a23-14-90-91.deploy.static.akamaitechnologies.com
      chromewebstore.googleapis.com  A        none
      chromewebstore.googleapis.com  Unknown  none
      chromewebstore.googleapis.com  A        142.250.180.10, 142.250.187.202, 142.250.187.234, 142.250.178.10, 172.217.16.234, 142.250.200.10, 142.250.200.42, 216.58.201.106, 216.58.204.74, 216.58.213.10, 172.217.169.10, 216.58.212.202, 172.217.169.74, 172.217.169.42, 142.250.179.234
      chromewebstore.googleapis.com  Unknown  (no records)
      10.180.250.142.in-addr.arpa    PTR      lhr25s32-in-f10.1e100.net
      121.150.79.40.in-addr.arpa     PTR      (no records)
      Connections (bytes and packets sent / received per remote endpoint; "-" where the page shows nothing)

      Remote address       Host or query                  Proto  Sent    Recv    Pkts out  Pkts in
      13.107.253.64:443    -                              -      46 B    40 B    1         1
      142.250.180.10:443   chromewebstore.googleapis.com  tls    2.1kB   9.2kB   18        15
      8.8.8.8:53           82.90.14.23.in-addr.arpa       dns    140 B   133 B   2         1
      8.8.8.8:53           217.106.137.52.in-addr.arpa    dns    146 B   147 B   2         1
      8.8.8.8:53           50.23.12.20.in-addr.arpa       dns    140 B   156 B   2         1
      8.8.8.8:53           18.31.95.13.in-addr.arpa       dns    70 B    144 B   1         1
      8.8.8.8:53           65.139.73.23.in-addr.arpa      dns    71 B    135 B   1         1
      8.8.8.8:53           0.159.190.20.in-addr.arpa      dns    71 B    157 B   1         1
      8.8.8.8:53           95.221.229.192.in-addr.arpa    dns    146 B   144 B   2         1
      8.8.8.8:53           11.227.111.52.in-addr.arpa     dns    72 B    158 B   1         1
      8.8.8.8:53           91.90.14.23.in-addr.arpa       dns    70 B    133 B   1         1
      8.8.8.8:53           chromewebstore.googleapis.com  dns    75 B    -       1         -
      8.8.8.8:53           chromewebstore.googleapis.com  dns    75 B    -       1         -
      8.8.8.8:53           chromewebstore.googleapis.com  dns    75 B    315 B   1         1
      8.8.8.8:53           chromewebstore.googleapis.com  dns    75 B    132 B   1         1
      8.8.8.8:53           10.180.250.142.in-addr.arpa    dns    73 B    112 B   1         1
      8.8.8.8:53           121.150.79.40.in-addr.arpa     dns    72 B    146 B   1         1

      The 315 B DNS response for chromewebstore.googleapis.com carried the A records 142.250.180.10, 142.250.187.202, 142.250.187.234, 142.250.178.10, 172.217.16.234, 142.250.200.10, 142.250.200.42, 216.58.201.106, 216.58.204.74, 216.58.213.10, 172.217.169.10, 216.58.212.202, 172.217.169.74, 172.217.169.42 and 142.250.179.234; the 142.250.180.10:443 TLS session that follows uses the first of them.
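The page does not attribute connections to processes, so what the network section offers is the pattern itself: one forward lookup (Edge's chromewebstore.googleapis.com endpoint, resolved and then contacted over TLS) and a run of PTR queries for addresses that were never looked up by name. The script below is an added example, not part of the tria.ge report: it reverses in-addr.arpa names back to the IPs they describe, counts unanswered and empty replies, and separates forward lookups that a background-noise allowlist explains from ones that would still need attribution to the sample. DNS_LOG is constructed from the DNS section above, and BACKGROUND_SUFFIXES is an assumed allowlist for a stock Windows 10 image with Edge, to be tuned per sandbox image.

```python
"""Added example: separate sandbox background DNS noise from lookups that need attribution."""
import ipaddress
from typing import Dict, List, Optional, Tuple

# Constructed from the report's DNS section: (query name, query type, answers).
# answers=None means no response was recorded; answers=[] means a reply with no records.
DNS_LOG: List[Tuple[str, str, Optional[List[str]]]] = [
    ("82.90.14.23.in-addr.arpa", "PTR", ["a23-14-90-82.deploy.static.akamaitechnologies.com"]),
    ("82.90.14.23.in-addr.arpa", "PTR", None),
    ("217.106.137.52.in-addr.arpa", "PTR", []),
    ("217.106.137.52.in-addr.arpa", "PTR", None),
    ("50.23.12.20.in-addr.arpa", "PTR", []),
    ("50.23.12.20.in-addr.arpa", "PTR", None),
    ("18.31.95.13.in-addr.arpa", "PTR", []),
    ("65.139.73.23.in-addr.arpa", "PTR", ["a23-73-139-65.deploy.static.akamaitechnologies.com"]),
    ("0.159.190.20.in-addr.arpa", "PTR", []),
    ("95.221.229.192.in-addr.arpa", "PTR", []),
    ("95.221.229.192.in-addr.arpa", "PTR", None),
    ("11.227.111.52.in-addr.arpa", "PTR", []),
    ("91.90.14.23.in-addr.arpa", "PTR", ["a23-14-90-91.deploy.static.akamaitechnologies.com"]),
    ("chromewebstore.googleapis.com", "A", None),
    ("chromewebstore.googleapis.com", "Unknown", None),
    ("chromewebstore.googleapis.com", "A", [
        "142.250.180.10", "142.250.187.202", "142.250.187.234", "142.250.178.10", "172.217.16.234",
        "142.250.200.10", "142.250.200.42", "216.58.201.106", "216.58.204.74", "216.58.213.10",
        "172.217.169.10", "216.58.212.202", "172.217.169.74", "172.217.169.42", "142.250.179.234"]),
    ("chromewebstore.googleapis.com", "Unknown", []),
    ("10.180.250.142.in-addr.arpa", "PTR", ["lhr25s32-in-f10.1e100.net"]),
    ("121.150.79.40.in-addr.arpa", "PTR", []),
]

# Assumption (this example's own allowlist): name suffixes a stock Edge/Windows image
# resolves on its own. Anything outside it is left for the analyst to attribute.
BACKGROUND_SUFFIXES = ("googleapis.com", "microsoft.com", "msedge.net", "windows.com")


def ptr_to_ip(name: str) -> Optional[str]:
    """Turn an IPv4 reverse name d.c.b.a.in-addr.arpa back into a.b.c.d; None if it is not one."""
    lower = name.lower().rstrip(".")
    suffix = ".in-addr.arpa"
    if not lower.endswith(suffix):
        return None
    labels = lower[: -len(suffix)].split(".")
    if len(labels) != 4:
        return None  # zone-level names such as 1.168.192.in-addr.arpa are not host lookups
    try:
        return str(ipaddress.IPv4Address(".".join(reversed(labels))))
    except ipaddress.AddressValueError:
        return None


def _is_background(name: str) -> bool:
    return any(name == s or name.endswith("." + s) for s in BACKGROUND_SUFFIXES)


def summarize(log: List[Tuple[str, str, Optional[List[str]]]]) -> Dict[str, object]:
    """Split the log into reverse-lookup targets, forward names, and reply statistics."""
    reverse_ips, forward_names = set(), set()
    unanswered = empty = 0
    for qname, qtype, answers in log:
        if answers is None:
            unanswered += 1
        elif not answers:
            empty += 1
        ip = ptr_to_ip(qname) if qtype == "PTR" else None
        if ip:
            reverse_ips.add(ip)
        else:
            forward_names.add(qname.lower().rstrip("."))
    return {
        "reverse_ips": sorted(reverse_ips, key=ipaddress.IPv4Address),
        "forward_names": sorted(forward_names),
        "unexplained_forward": sorted(n for n in forward_names if not _is_background(n)),
        "unanswered": unanswered,
        "empty_answers": empty,
    }


if __name__ == "__main__":
    for key, value in summarize(DNS_LOG).items():
        print(f"{key}: {value}")
```

For this report the only forward name is explained by the allowlist and the eleven reversed addresses are what the sandbox or the OS looked up by IP, so nothing in the DNS log is left needing attribution; a sample that beacons would show up in `unexplained_forward`, or as repeated unanswered queries for a name the allowlist does not cover.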

      MITRE ATT&CK Matrix
