Analysis

  • max time kernel
    132s
  • max time network
    124s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240709-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    10/07/2024, 13:02 UTC

General

  • Target

    TrafficerMC-3.1/src/main/index.js

  • Size

    17KB

  • MD5

    e0609b8f5153048ff7c2cdd500c0e032

  • SHA1

    d094ce8c974746a31cf93f71d240df7e336f2bdd

  • SHA256

    87c921b38d3cfe2174379caa35e42f7b5a2c539714a54d11df0facf95c256e43

  • SHA512

    be33cee0f1c776c38c6461fe167c4cf0c9495c1d4e9f76812011c9abb5f107d2e6f38840d990f658a3b32cf02258729ed92d424e75fe4281901c2a1d41915602

  • SSDEEP

    384:G4et5AyCHyZUwC+yobF4kM3NSjM81HZTiSrU5d9U+9KZHa:hq5vyDkM3sIuHZlrU5ga

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\TrafficerMC-3.1\src\main\index.js
    1⤵
      PID:1036

    Network

    • flag-us
      DNS
      88.156.103.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.156.103.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      arc.msn.com
      Remote address:
      8.8.8.8:53
      Request
      arc.msn.com
      IN A
      Response
      arc.msn.com
      IN CNAME
      arc.trafficmanager.net
      arc.trafficmanager.net
      IN CNAME
      iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com
      iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com
      IN A
      20.199.58.43
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
    • flag-us
      DNS
      ctldl.windowsupdate.com
      Remote address:
      8.8.8.8:53
      Request
      ctldl.windowsupdate.com
      IN A
      Response
      ctldl.windowsupdate.com
      IN CNAME
      ctldl.windowsupdate.com.delivery.microsoft.com
      ctldl.windowsupdate.com.delivery.microsoft.com
      IN CNAME
      wu-b-net.trafficmanager.net
      wu-b-net.trafficmanager.net
      IN CNAME
      download.windowsupdate.com.edgesuite.net
      download.windowsupdate.com.edgesuite.net
      IN CNAME
      a767.dspw65.akamai.net
      a767.dspw65.akamai.net
      IN A
      2.22.144.73
      a767.dspw65.akamai.net
      IN A
      2.22.144.81
    • flag-us
      DNS
      ris.api.iris.microsoft.com
      Remote address:
      8.8.8.8:53
      Request
      ris.api.iris.microsoft.com
      IN A
      Response
      ris.api.iris.microsoft.com
      IN CNAME
      ris-prod.trafficmanager.net
      ris-prod.trafficmanager.net
      IN CNAME
      asf-ris-prod-neu-azsc.northeurope.cloudapp.azure.com
      asf-ris-prod-neu-azsc.northeurope.cloudapp.azure.com
      IN A
      20.234.120.54
    • flag-us
      DNS
      arc.msn.com
      Remote address:
      8.8.8.8:53
      Request
      arc.msn.com
      IN A
      Response
      arc.msn.com
      IN CNAME
      arc.trafficmanager.net
      arc.trafficmanager.net
      IN CNAME
      iris-de-prod-azsc-v2-neu-b.northeurope.cloudapp.azure.com
      iris-de-prod-azsc-v2-neu-b.northeurope.cloudapp.azure.com
      IN A
      20.223.36.55
    • flag-us
      DNS
      2.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      2.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      43.58.199.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.58.199.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      10.27.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.27.171.150.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      arc.msn.com
      Remote address:
      8.8.8.8:53
      Request
      arc.msn.com
      IN A
      Response
      arc.msn.com
      IN CNAME
      arc.trafficmanager.net
      arc.trafficmanager.net
      IN CNAME
      iris-de-prod-azsc-v2-weu.westeurope.cloudapp.azure.com
      iris-de-prod-azsc-v2-weu.westeurope.cloudapp.azure.com
      IN A
      20.103.156.88
    • flag-us
      DNS
      14.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.227.111.52.in-addr.arpa
      IN PTR
      Response
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      1.6kB
      7.2kB
      17
      15
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      120.6kB
      3.4MB
      2467
      2465
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      1.6kB
      7.2kB
      17
      15
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      1.6kB
      7.2kB
      17
      15
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      1.6kB
      7.2kB
      17
      15
    • 8.8.8.8:53
      88.156.103.20.in-addr.arpa
      dns
      389 B
      1.2kB
      6
      6

      DNS Request

      88.156.103.20.in-addr.arpa

      DNS Request

      arc.msn.com

      DNS Response

      20.199.58.43

      DNS Request

      tse1.mm.bing.net

      DNS Response

      150.171.27.10
      150.171.28.10

      DNS Request

      ctldl.windowsupdate.com

      DNS Response

      2.22.144.73
      2.22.144.81

      DNS Request

      ris.api.iris.microsoft.com

      DNS Response

      20.234.120.54

      DNS Request

      arc.msn.com

      DNS Response

      20.223.36.55

    • 8.8.8.8:53
      2.159.190.20.in-addr.arpa
      dns
      343 B
      804 B
      5
      5

      DNS Request

      2.159.190.20.in-addr.arpa

      DNS Request

      43.58.199.20.in-addr.arpa

      DNS Request

      10.27.171.150.in-addr.arpa

      DNS Request

      arc.msn.com

      DNS Response

      20.103.156.88

      DNS Request

      14.227.111.52.in-addr.arpa

    MITRE ATT&CK Enterprise v15

    Downloads
