Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

  • 11/03/2025, 16:30 UTC
    250311-tz8zpaxrz2 10
  • 11/03/2025, 16:06 UTC
    250311-tkc9gaxm16 10
  • 11/03/2025, 16:06 UTC
    250311-tj3sqsxm13 10
  • 10/03/2025, 17:34 UTC
    250310-v5yatasnz9 10
  • 20/02/2025, 10:50 UTC
    250220-mw8festjaz 10
  • 20/02/2025, 10:49 UTC
    250220-mw12cavpw6 10
  • 16/02/2025, 02:33 UTC
    250216-c1244ayjc1 10
  • 16/02/2025, 02:26 UTC
    250216-cw6xgsxldq 10
  • 12/02/2025, 14:54 UTC
    250212-r9zgwswmej 10
  • 12/02/2025, 14:27 UTC
    250212-rsdtvsvqet 10

Analysis

  • max time kernel
    119s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20250217-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/02/2025, 10:50 UTC

General

  • Target

    beed61dc63e3b01b93e6c50c6885b89988b59a3f6abdfa24e922e1402a0235e9

  • Size

    8.5MB

  • MD5

    2d690d32e637c43a18aa8f4f2fd28e48

  • SHA1

    f8a5f75a34d2751c0e7195cd4adabddc1ece465e

  • SHA256

    beed61dc63e3b01b93e6c50c6885b89988b59a3f6abdfa24e922e1402a0235e9

  • SHA512

    2641192c4ebb0a66fdf6a9be16ccfc38a4cd98a32467d5b6e719c73b2893a28888b7c9c77d3db3a0d2e93d14408081bdc92238dc3a5b1479229843f354c7305e

  • SSDEEP

    196608:exCyu9hdCjcHsm2gTEE/OBBZVaMKb0QqNnJi6lWzVYK5P6qwpxFlWavvy7:ervy

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\beed61dc63e3b01b93e6c50c6885b89988b59a3f6abdfa24e922e1402a0235e9
    PID: 1920

    Network

    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.ax-0001.ax-msedge.net
      g-bing-com.ax-0001.ax-msedge.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid=
      Remote address:
      150.171.28.10:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=395D6CCC5AEE6DDC158E79555B656C45; domain=.bing.com; expires=Tue, 17-Mar-2026 10:50:17 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: B2AE4F60F15F4DF69A5495BF72AAD283 Ref B: FRA31EDGE0420 Ref C: 2025-02-20T10:50:17Z
      date: Thu, 20 Feb 2025 10:50:16 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid=
      Remote address:
      150.171.28.10:443
      Request
      GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=395D6CCC5AEE6DDC158E79555B656C45
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=RIjA6jHkVuSabr0MHC7zA-HgD4QGbp2QnH_Jl3crlZk; domain=.bing.com; expires=Tue, 17-Mar-2026 10:50:17 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 79CC0A6B37D04983B7B6861AFC925935 Ref B: FRA31EDGE0420 Ref C: 2025-02-20T10:50:17Z
      date: Thu, 20 Feb 2025 10:50:17 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid=
      Remote address:
      150.171.28.10:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=395D6CCC5AEE6DDC158E79555B656C45; MSPTC=RIjA6jHkVuSabr0MHC7zA-HgD4QGbp2QnH_Jl3crlZk
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 22386B31FFD44BD2A49408CE3D6A9B10 Ref B: FRA31EDGE0420 Ref C: 2025-02-20T10:50:17Z
      date: Thu, 20 Feb 2025 10:50:17 GMT
    • flag-gb
      GET
      https://www.bing.com/th?id=OADD2.10239414284817_1UVYYSBXC4CID8KBL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=48&h=48&dynsize=1&qlt=90
      Remote address:
      2.16.34.144:443
      Request
      GET /th?id=OADD2.10239414284817_1UVYYSBXC4CID8KBL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=48&h=48&dynsize=1&qlt=90 HTTP/2.0
      host: www.bing.com
      accept: */*
      cookie: MUID=395D6CCC5AEE6DDC158E79555B656C45; MSPTC=RIjA6jHkVuSabr0MHC7zA-HgD4QGbp2QnH_Jl3crlZk
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-type: image/jpeg
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      content-length: 1981
      date: Thu, 20 Feb 2025 10:50:20 GMT
      alt-svc: h3=":443"; ma=93600
      x-cdn-traceid: 0.7f221002.1740048619.373edd3
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239339388046_17EE83OP3A0D95XZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239339388046_17EE83OP3A0D95XZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 922210
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: AF2D5938E7DA481BA25571515A46C0D4 Ref B: FRA31EDGE0122 Ref C: 2025-02-20T10:52:14Z
      date: Thu, 20 Feb 2025 10:52:14 GMT
    • 150.171.28.10:443
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid=
      tls, http2
      2.1kB
      9.5kB
      24
      21

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=bca6cb2b36b442018ff60fc4805e3a6d&localId=w:7A7CDDEC-10AD-70C3-CBA3-32B71A66CD90&deviceId=6755478849407355&anid=

      HTTP Response

      204
    • 2.16.34.144:443
      https://www.bing.com/th?id=OADD2.10239414284817_1UVYYSBXC4CID8KBL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=48&h=48&dynsize=1&qlt=90
      tls, http2
      1.6kB
      7.4kB
      19
      16

      HTTP Request

      GET https://www.bing.com/th?id=OADD2.10239414284817_1UVYYSBXC4CID8KBL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=48&h=48&dynsize=1&qlt=90

      HTTP Response

      200
    • 150.171.27.10:443
      g.bing.com
      tls, https
      164 B
      40 B
      2
      1
    • 150.171.27.10:443
      g.bing.com
      322 B
      7
    • 150.171.27.10:443
      https://tse1.mm.bing.net/th?id=OADD2.10239339388046_17EE83OP3A0D95XZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      tls, http2
      33.2kB
      961.5kB
      700
      697

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239339388046_17EE83OP3A0D95XZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Response

      200
    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
      148 B
      1
      1

      DNS Request

      g.bing.com

      DNS Response

      150.171.28.10
      150.171.27.10

    MITRE ATT&CK Matrix
