Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

captainsim...es.rar

windows7-x64

3

captainsim...es.rar

windows10-2004-x64

3

captainsim...tz.ttf

windows7-x64

4

captainsim...tz.ttf

windows10-2004-x64

7

captainsim...ar.ttf

windows7-x64

3

captainsim...ar.ttf

windows10-2004-x64

7

captainsim...ch.flt

windows7-x64

3

captainsim...ch.flt

windows10-2004-x64

3

captainsim...se.flt

windows7-x64

3

captainsim...se.flt

windows10-2004-x64

3

captainsim...ft.cfg

windows7-x64

3

captainsim...ft.cfg

windows10-2004-x64

3

captainsim...on.flt

windows7-x64

3

captainsim...on.flt

windows10-2004-x64

3

captainsim...as.cfg

windows7-x64

3

captainsim...as.cfg

windows10-2004-x64

3

captainsim...mb.flt

windows7-x64

3

captainsim...mb.flt

windows10-2004-x64

3

captainsim...es.cfg

windows7-x64

3

captainsim...es.cfg

windows10-2004-x64

3

captainsim...al.flt

windows7-x64

3

captainsim...al.flt

windows10-2004-x64

3

captainsim...el.cfg

windows7-x64

3

captainsim...el.cfg

windows10-2004-x64

3

captainsim...ay.cfg

windows7-x64

3

captainsim...ay.cfg

windows10-2004-x64

3

captainsim...04.bin

windows7-x64

3

captainsim...04.bin

windows10-2004-x64

3

captainsim...4.gltf

windows7-x64

3

captainsim...4.gltf

windows10-2004-x64

3

captainsim...04.xml

windows7-x64

3

captainsim...04.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/09/2024, 17:50 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    captainsim-aircraft-m774/SimObjects/Airplanes/CS_B777F_GE110B1/model/m774_404.xml

  • Size

    31KB

  • MD5

    235afcc25e6f7c8c5d9b01a7776af677

  • SHA1

    896ce6e231da6e619e8963661788ed81194b6731

  • SHA256

    0d5b603c6ce47cb46130886b31a73f905b5cc3e0d79023dd9725303ff5a76e9a

  • SHA512

    e09cf61e7ec92bc7501905c94de6c5cfe8b7ec033826cc39126835560b1de9a687fffa98b06da8f548d2926f2364e92625afc3c97c8a8769bf364693463b5931

  • SSDEEP

    384:dTNg0f/EZwaMjjsAzU8VA1A7ArAUAxACAXAgASABTho3z+g:dT8qqOscDiJwnZy

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\captainsim-aircraft-m774\SimObjects\Airplanes\CS_B777F_GE110B1\model\m774_404.xml"
    1⤵
      PID:3932

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dnsgoogle
    • flag-us
      DNS
      196.249.167.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      196.249.167.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      240.221.184.93.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      240.221.184.93.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      76.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      76.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      209.205.72.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.205.72.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      26.165.165.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      26.165.165.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      171.39.242.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      171.39.242.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      98.117.19.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      98.117.19.2.in-addr.arpa
      IN PTR
      Response
      98.117.19.2.in-addr.arpa
      IN PTR
      a2-19-117-98deploystaticakamaitechnologiescom
    • flag-us
      DNS
      69.209.201.84.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      69.209.201.84.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      69.209.201.84.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      69.209.201.84.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      22.236.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      22.236.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      67.209.201.84.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      67.209.201.84.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
       90 B
       1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

    • 8.8.8.8:53
      196.249.167.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      196.249.167.52.in-addr.arpa

    • 8.8.8.8:53
      240.221.184.93.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      240.221.184.93.in-addr.arpa

    • 8.8.8.8:53
      76.32.126.40.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      76.32.126.40.in-addr.arpa

    • 8.8.8.8:53
      209.205.72.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      209.205.72.20.in-addr.arpa

    • 8.8.8.8:53
      26.165.165.52.in-addr.arpa
      dns
      72 B
       146 B
       1
      1

      DNS Request

      26.165.165.52.in-addr.arpa

    • 8.8.8.8:53
      171.39.242.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      171.39.242.20.in-addr.arpa

    • 8.8.8.8:53
      98.117.19.2.in-addr.arpa
      dns
      70 B
       133 B
       1
      1

      DNS Request

      98.117.19.2.in-addr.arpa

    • 8.8.8.8:53
      69.209.201.84.in-addr.arpa
      dns
      144 B
       132 B
       2
      1

      DNS Request

      69.209.201.84.in-addr.arpa

      DNS Request

      69.209.201.84.in-addr.arpa

    • 8.8.8.8:53
      22.236.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      22.236.111.52.in-addr.arpa

    • 8.8.8.8:53
      67.209.201.84.in-addr.arpa
      dns
      72 B
       132 B
       1
      1

      DNS Request

      67.209.201.84.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3932-0-0x00007FFD54770000-0x00007FFD54780000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3932-1-0x00007FFD9478D000-0x00007FFD9478E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3932-3-0x00007FFD946F0000-0x00007FFD948E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3932-2-0x00007FFD946F0000-0x00007FFD948E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3932-4-0x00007FFD946F0000-0x00007FFD948E5000-memory.dmp

      Filesize

      2.0MB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.