Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

AhMyth-Setup_x64.exe

windows10-1703-x64

7

$PLUGINSDI...er.dll

windows10-1703-x64

3

$PLUGINSDI...ls.dll

windows10-1703-x64

3

$PLUGINSDI...em.dll

windows10-1703-x64

3

$PLUGINSDI...ll.dll

windows10-1703-x64

3

AhMyth.exe

windows10-1703-x64

7

LICENSES.c...m.html

windows10-1703-x64

4

d3dcompiler_47.dll

windows10-1703-x64

1

ffmpeg.dll

windows10-1703-x64

1

libEGL.dll

windows10-1703-x64

1

libGLESv2.dll

windows10-1703-x64

1

resources/...th.apk

windows10-1703-x64

3

resources/...dex.js

windows10-1703-x64

3

resources/...owl.js

windows10-1703-x64

3

resources/...ils.js

windows10-1703-x64

3

resources/...oon.js

windows10-1703-x64

3

resources/...owl.js

windows10-1703-x64

3

resources/...ter.js

windows10-1703-x64

3

resources/...end.js

windows10-1703-x64

3

resources/...ter.js

windows10-1703-x64

3

resources/...tifier

windows10-1703-x64

1

resources/...nt.rtf

windows10-1703-x64

1

resources/...fu.exe

windows10-1703-x64

3

resources/...64.exe

windows10-1703-x64

1

resources/...st.exe

windows10-1703-x64

3

resources/elevate.exe

windows10-1703-x64

3

swiftshade...GL.dll

windows10-1703-x64

1

swiftshade...v2.dll

windows10-1703-x64

1

vk_swiftshader.dll

windows10-1703-x64

1

$PLUGINSDI...ec.dll

windows10-1703-x64

3

$PLUGINSDI...7z.dll

windows10-1703-x64

3

Uninstall AhMyth.exe

windows10-1703-x64

7

Analysis

  • max time kernel
    128s
  • max time network
    146s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    06/08/2024, 01:25 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app.asar.unpacked/node_modules/node-notifier/notifiers/toaster.js

  • Size

    2KB

  • MD5

    4294813990be42f6b4307279347da4cb

  • SHA1

    2e75bf3ebf52fe8307e64b2f7bc6534e30b3104c

  • SHA256

    2e7bdaa630864a1001baff9aba572efcefd3cd89f3b78948fd9542eb8b836fda

  • SHA512

    331e06de01011d0ee299ef0f780dd0121f63d4f6faef9e740a4442d1e00ec9cbc554bcf0e2e8c45f991c0cdc6a061994e1f541e335fa708547e73ec4fbd0ab3b

Score
3/10
execution

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\node-notifier\notifiers\toaster.js
    1⤵
      PID:4836

    Network

    • flag-us
      DNS
      11.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      11.227.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      8.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.173.189.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      172.214.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.214.232.199.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      11.227.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      11.227.111.52.in-addr.arpa

    • 8.8.8.8:53
      8.173.189.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      8.173.189.20.in-addr.arpa

    • 8.8.8.8:53
      172.214.232.199.in-addr.arpa
      dns
      74 B
       128 B
       1
      1

      DNS Request

      172.214.232.199.in-addr.arpa

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.