Analysis

  • max time kernel
    128s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04/10/2024, 15:02 UTC

General

  • Target

    13d5cad16aa3ca4383f81c4fc7358558_JaffaCakes118.html

  • Size

    11KB

  • MD5

    13d5cad16aa3ca4383f81c4fc7358558

  • SHA1

    7ce90a138e1c265c042508be47b63cb7610db513

  • SHA256

    b528090db0153ed4794513374ee9e179efe7e4471e675e185b19d62a88aace23

  • SHA512

    3e4b14da97f1123f8e6fc33a8b31e64a29cf9af32b0f0dd8d18a39b5cf3756dc00c7b3124202523b2d71d741100f9d19f906a6f7349564acc5fe3d22ac23fb16

  • SSDEEP

    192:+LdQzuEKv/5nH16HPTLqOnMj0r6eye6WI1z+NxQhKpWhx0UUdLH1B7dKUPmKJ+1S:+LdQqH1w93ylF1NhC/dLHx1PmKcxoOJ2

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\13d5cad16aa3ca4383f81c4fc7358558_JaffaCakes118.html
    1⤵
      PID:1328
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=760,i,2727319350781907497,7925939240893079607,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:1
      1⤵
        PID:5100
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4744,i,2727319350781907497,7925939240893079607,262144 --variations-seed-version --mojo-platform-channel-handle=4832 /prefetch:1
        1⤵
          PID:4372
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5424,i,2727319350781907497,7925939240893079607,262144 --variations-seed-version --mojo-platform-channel-handle=5460 /prefetch:8
          1⤵
            PID:4036
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5452,i,2727319350781907497,7925939240893079607,262144 --variations-seed-version --mojo-platform-channel-handle=5516 /prefetch:8
            1⤵
              PID:3912
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5624,i,2727319350781907497,7925939240893079607,262144 --variations-seed-version --mojo-platform-channel-handle=5792 /prefetch:8
              1⤵
                PID:812

              Network

              • DNS (US)
                8.8.8.8.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                8.8.8.8.in-addr.arpa
                IN PTR
                Response
                8.8.8.8.in-addr.arpa
                IN PTR
                dns.google
              • DNS (US)
                business.bing.com
                Remote address:
                8.8.8.8:53
                Request
                business.bing.com
                IN A
                Response
                business.bing.com
                IN CNAME
                business-bing-com.b-0005.b-msedge.net
                business-bing-com.b-0005.b-msedge.net
                IN CNAME
                b-0005.b-msedge.net
                b-0005.b-msedge.net
                IN A
                13.107.6.158
              • DNS (US)
                business.bing.com
                Remote address:
                8.8.8.8:53
                Request
                business.bing.com
                IN Unknown
                Response
                business.bing.com
                IN CNAME
                business-bing-com.b-0005.b-msedge.net
              • DNS (US)
                bzib.nelreports.net
                Remote address:
                8.8.8.8:53
                Request
                bzib.nelreports.net
                IN A
                Response
                bzib.nelreports.net
                IN CNAME
                bzib.nelreports.net.akamaized.net
                bzib.nelreports.net.akamaized.net
                IN CNAME
                a416.dscd.akamai.net
                a416.dscd.akamai.net
                IN A
                2.19.117.71
                a416.dscd.akamai.net
                IN A
                2.19.117.83
              • DNS (US)
                bzib.nelreports.net
                Remote address:
                8.8.8.8:53
                Request
                bzib.nelreports.net
                IN Unknown
                Response
                bzib.nelreports.net
                IN CNAME
                bzib.nelreports.net.akamaized.net
                bzib.nelreports.net.akamaized.net
                IN CNAME
                a416.dscd.akamai.net
              • DNS (US)
                228.249.119.40.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                228.249.119.40.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                71.117.19.2.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                71.117.19.2.in-addr.arpa
                IN PTR
                Response
                71.117.19.2.in-addr.arpa
                IN PTR
                a2-19-117-71.deploy.static.akamaitechnologies.com
              • DNS (US)
                172.214.232.199.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                172.214.232.199.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                95.221.229.192.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                95.221.229.192.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                14.160.190.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                14.160.190.20.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                232.168.11.51.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                232.168.11.51.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                174.128.123.92.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                174.128.123.92.in-addr.arpa
                IN PTR
                Response
                174.128.123.92.in-addr.arpa
                IN PTR
                a92-123-128-174.deploy.static.akamaitechnologies.com
              • DNS (US)
                53.210.109.20.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                53.210.109.20.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                206.23.85.13.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                206.23.85.13.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                67.209.201.84.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                67.209.201.84.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                29.243.111.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                29.243.111.52.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                29.243.111.52.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                29.243.111.52.in-addr.arpa
                IN PTR
              • DNS (US)
                186.128.123.92.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                186.128.123.92.in-addr.arpa
                IN PTR
                Response
                186.128.123.92.in-addr.arpa
                IN PTR
                a92-123-128-186.deploy.static.akamaitechnologies.com
              • DNS (US)
                172.210.232.199.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                172.210.232.199.in-addr.arpa
                IN PTR
                Response
              • DNS (US)
                226.162.46.104.in-addr.arpa
                Remote address:
                8.8.8.8:53
                Request
                226.162.46.104.in-addr.arpa
                IN PTR
                Response
              • 13.107.6.158:443
                business.bing.com
                tls
                3.9kB
                10.3kB
                21
                25
              • 2.19.117.71:443
                bzib.nelreports.net
                tls
                2.9kB
                5.7kB
                12
                13
              • 92.123.128.186:443
                www.bing.com
                tls
                2.3kB
                5.5kB
                12
                14
              • 8.8.8.8:53
                8.8.8.8.in-addr.arpa
                dns
                66 B
                90 B
                1
                1

                DNS Request

                8.8.8.8.in-addr.arpa

              • 8.8.8.8:53
                business.bing.com
                dns
                63 B
                144 B
                1
                1

                DNS Request

                business.bing.com

                DNS Response

                13.107.6.158

              • 8.8.8.8:53
                business.bing.com
                dns
                63 B
                171 B
                1
                1

                DNS Request

                business.bing.com

              • 8.8.8.8:53
                bzib.nelreports.net
                dns
                65 B
                172 B
                1
                1

                DNS Request

                bzib.nelreports.net

                DNS Response

                2.19.117.71
                2.19.117.83

              • 8.8.8.8:53
                bzib.nelreports.net
                dns
                65 B
                204 B
                1
                1

                DNS Request

                bzib.nelreports.net

              • 8.8.8.8:53
                228.249.119.40.in-addr.arpa
                dns
                73 B
                159 B
                1
                1

                DNS Request

                228.249.119.40.in-addr.arpa

              • 8.8.8.8:53
                71.117.19.2.in-addr.arpa
                dns
                70 B
                133 B
                1
                1

                DNS Request

                71.117.19.2.in-addr.arpa

              • 8.8.8.8:53
                172.214.232.199.in-addr.arpa
                dns
                74 B
                128 B
                1
                1

                DNS Request

                172.214.232.199.in-addr.arpa

              • 8.8.8.8:53
                95.221.229.192.in-addr.arpa
                dns
                73 B
                144 B
                1
                1

                DNS Request

                95.221.229.192.in-addr.arpa

              • 8.8.8.8:53
                14.160.190.20.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                14.160.190.20.in-addr.arpa

              • 224.0.0.251:5353
                204 B
                3
              • 8.8.8.8:53
                232.168.11.51.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                232.168.11.51.in-addr.arpa

              • 92.123.128.174:443
                www.bing.com
                https
                3.1kB
                6.7kB
                9
                13
              • 8.8.8.8:53
                174.128.123.92.in-addr.arpa
                dns
                73 B
                139 B
                1
                1

                DNS Request

                174.128.123.92.in-addr.arpa

              • 8.8.8.8:53
                53.210.109.20.in-addr.arpa
                dns
                72 B
                158 B
                1
                1

                DNS Request

                53.210.109.20.in-addr.arpa

              • 8.8.8.8:53
                206.23.85.13.in-addr.arpa
                dns
                71 B
                145 B
                1
                1

                DNS Request

                206.23.85.13.in-addr.arpa

              • 8.8.8.8:53
                67.209.201.84.in-addr.arpa
                dns
                72 B
                132 B
                1
                1

                DNS Request

                67.209.201.84.in-addr.arpa

              • 8.8.8.8:53
                29.243.111.52.in-addr.arpa
                dns
                144 B
                158 B
                2
                1

                DNS Request

                29.243.111.52.in-addr.arpa

                DNS Request

                29.243.111.52.in-addr.arpa

              • 8.8.8.8:53
                186.128.123.92.in-addr.arpa
                dns
                73 B
                139 B
                1
                1

                DNS Request

                186.128.123.92.in-addr.arpa

              • 8.8.8.8:53
                172.210.232.199.in-addr.arpa
                dns
                74 B
                128 B
                1
                1

                DNS Request

                172.210.232.199.in-addr.arpa

              • 8.8.8.8:53
                226.162.46.104.in-addr.arpa
                dns
                73 B
                147 B
                1
                1

                DNS Request

                226.162.46.104.in-addr.arpa

              MITRE ATT&CK Matrix
