Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Win32.Mars...nu.exe

windows7-x64

3

Win32.Mars...nu.exe

windows10-2004-x64

3

Win32.Mars...PC.exe

windows7-x64

7

Win32.Mars...PC.exe

windows10-2004-x64

7

mars/panel...n.html

windows7-x64

3

mars/panel...n.html

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...app.js

windows7-x64

3

mars/panel...app.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...ker.js

windows7-x64

3

mars/panel...ker.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...ker.js

windows7-x64

3

mars/panel...ker.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...nit.js

windows7-x64

3

mars/panel...nit.js

windows10-2004-x64

3

mars/panel...min.js

windows7-x64

3

mars/panel...min.js

windows10-2004-x64

3

mars/panel...ore.js

windows7-x64

3

mars/panel...ore.js

windows10-2004-x64

3

mars/panel...ced.js

windows7-x64

3

mars/panel...ced.js

windows10-2004-x64

3

Analysis

  • max time kernel
    104s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/02/2025, 17:57 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mars/panel/assets/js/apexcharts.min.js

  • Size

    870KB

  • MD5

    ae50ed75dbd16a56ab772663cd3bcf9c

  • SHA1

    b84fd35fd6760a8e51cb99bc3bcf8533454554e7

  • SHA256

    95483691e4771b81a36c0d4dca22a429041b96f099c88cf20619d32cf0b50c3f

  • SHA512

    f9dbc71e13977ca5e459219f52ae56e5b980fc8670f85b6693e45feae812a30b7db3f786cb157425bce5cf7c856566775c236664386b772a232382d881bd1d64

  • SSDEEP

    24576:MZWc42Ub/tahrBul5JsdKCNV7yNyoFQeUle+3qn9nZw0dpqEY3PoSTHS08txsjp9:MZWc42Ub/tahrBuZsdKCNV7yNyoFQeU/

Score
3/10
execution

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\mars\panel\assets\js\apexcharts.min.js
    1⤵
      PID:3412

    Network

    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.ax-0001.ax-msedge.net
      g-bing-com.ax-0001.ax-msedge.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid=
      Remote address:
      150.171.27.10:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=23465C1E1D4463B82E2E49891CE86296; domain=.bing.com; expires=Sun, 15-Mar-2026 17:57:22 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 0FB5AF9DF6F246C6B6BDC101F3F576D6 Ref B: FRA31EDGE0117 Ref C: 2025-02-18T17:57:22Z
      date: Tue, 18 Feb 2025 17:57:21 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid=
      Remote address:
      150.171.27.10:443
      Request
      GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=23465C1E1D4463B82E2E49891CE86296
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=BOOIVGt-zzc-Sdz6XXn1UmXqTgcMqO9c-SdKPq9DwBI; domain=.bing.com; expires=Sun, 15-Mar-2026 17:57:22 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 9795FEFAA0914B65ADC76C451DCF73A9 Ref B: FRA31EDGE0117 Ref C: 2025-02-18T17:57:22Z
      date: Tue, 18 Feb 2025 17:57:21 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid=
      Remote address:
      150.171.27.10:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=23465C1E1D4463B82E2E49891CE86296; MSPTC=BOOIVGt-zzc-Sdz6XXn1UmXqTgcMqO9c-SdKPq9DwBI
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: ADDD537546A84CF7B59EEB78F7736AF6 Ref B: FRA31EDGE0117 Ref C: 2025-02-18T17:57:22Z
      date: Tue, 18 Feb 2025 17:57:21 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239317301171_1NGPNIQ68LQQ3GSOB&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239317301171_1NGPNIQ68LQQ3GSOB&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 332982
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: ED4FB6508C6347B1BC1FAEDA01F0E3B6 Ref B: FRA31EDGE0705 Ref C: 2025-02-18T17:59:05Z
      date: Tue, 18 Feb 2025 17:59:05 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 1061732
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 82836BED3B4A4AAE99AAA61A9538BBFE Ref B: FRA31EDGE0705 Ref C: 2025-02-18T17:59:10Z
      date: Tue, 18 Feb 2025 17:59:10 GMT
    • 150.171.27.10:443
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid=
      tls, http2
      2.0kB
       9.4kB
       22
      20

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=05e3aa6751584b71a43385290ef75cc2&localId=w:14CD4D20-B176-E85D-8926-44834915EA76&deviceId=6896211258681910&anid=

      HTTP Response

      204
    • 150.171.27.10:443
      g.bing.com
      tls, https
      246 B
       40 B
       3
      1
    • 150.171.27.10:443
      g.bing.com
      322 B
       7
    • 150.171.27.10:443
      g.bing.com
      322 B
       7
    • 150.171.27.10:443
      https://tse1.mm.bing.net/th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      tls, http2
      52.0kB
       1.4MB
       1055
      1052

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301171_1NGPNIQ68LQQ3GSOB&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Response

      200

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Response

      200
    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
       148 B
       1
      1

      DNS Request

      g.bing.com

      DNS Response

      150.171.27.10
      150.171.28.10

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.