Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

winformstesting.exe

windows7-x64

1

winformstesting.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/06/2024, 07:09 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    winformstesting.exe

  • Size

    9KB

  • MD5

    65d5d4e37d8d70df47eba375cdbe6697

  • SHA1

    d1f70c0dc2352362ee7a6ac1a6c9e5f7be6c1e51

  • SHA256

    cfbe18194bf35aa5ba405be75cf3ee2b51135ed8570a7862077f095ffc70aeed

  • SHA512

    7af2f574f77415595df2be70a92069381b6a82693ce0e13fc0249d98ad4b16fb3638bd3c5b47d9f218a1c00667ee1272371a0123371c99fd4ed7e3dd2680e24c

  • SSDEEP

    192:QVE0+AtNbCv7SXqNQKwVuTC4jQ82ekVAj/s1QBuVSOefhQGD:QVEZAtNbCzSXqNNyQj/s1QAV6fWG

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\winformstesting.exe
    "C:\Users\Admin\AppData\Local\Temp\winformstesting.exe"
    1⤵
      PID:4480

    Network

    • flag-us
      DNS
      209.205.72.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.205.72.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      100.58.20.217.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      100.58.20.217.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      17.160.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      17.160.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      13.86.106.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      13.86.106.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      86.23.85.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      86.23.85.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      56.126.166.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      56.126.166.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      56.110.63.41.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      56.110.63.41.in-addr.arpa
      IN PTR
      Response
      56.110.63.41.in-addr.arpa
      IN PTR
      https-41-63-110-56saabllnwnet
    • flag-us
      DNS
      0.205.248.87.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.205.248.87.in-addr.arpa
      IN PTR
      Response
      0.205.248.87.in-addr.arpa
      IN PTR
      https-87-248-205-0lgwllnwnet
    • flag-us
      DNS
      14.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.227.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      89.65.42.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      89.65.42.20.in-addr.arpa
      IN PTR
      Response
    • 52.111.229.43:443
      322 B
       7
    • 8.8.8.8:53
      209.205.72.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      209.205.72.20.in-addr.arpa

    • 8.8.8.8:53
      100.58.20.217.in-addr.arpa
      dns
      72 B
       132 B
       1
      1

      DNS Request

      100.58.20.217.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      17.160.190.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      17.160.190.20.in-addr.arpa

    • 8.8.8.8:53
      13.86.106.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      13.86.106.20.in-addr.arpa

    • 8.8.8.8:53
      86.23.85.13.in-addr.arpa
      dns
      70 B
       144 B
       1
      1

      DNS Request

      86.23.85.13.in-addr.arpa

    • 8.8.8.8:53
      56.126.166.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      56.126.166.20.in-addr.arpa

    • 8.8.8.8:53
      56.110.63.41.in-addr.arpa
      dns
      71 B
       117 B
       1
      1

      DNS Request

      56.110.63.41.in-addr.arpa

    • 8.8.8.8:53
      0.205.248.87.in-addr.arpa
      dns
      71 B
       116 B
       1
      1

      DNS Request

      0.205.248.87.in-addr.arpa

    • 8.8.8.8:53
      14.227.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      14.227.111.52.in-addr.arpa

    • 8.8.8.8:53
      89.65.42.20.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      89.65.42.20.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4480-0-0x000000007464E000-0x000000007464F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4480-1-0x0000000000490000-0x0000000000498000-memory.dmp

      Filesize

      32KB

      Download

    • memory/4480-2-0x0000000005380000-0x0000000005924000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/4480-3-0x0000000004DD0000-0x0000000004E62000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4480-4-0x0000000004D60000-0x0000000004D6A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/4480-5-0x0000000074640000-0x0000000074DF0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/4480-6-0x000000007464E000-0x000000007464F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4480-7-0x0000000074640000-0x0000000074DF0000-memory.dmp

      Filesize

      7.7MB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.