Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

URLScan

urlscan

1

https://plausible.io...

windows10-2004-x64

5

Analysis

  • max time kernel
    39s
  • max time network
    40s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/03/2025, 20:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://plausible.io/api/event

Score
5/10
googlediscoveryphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand GOOGLE. 1 IoCs
    phishinggoogle
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://plausible.io/api/event
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:840
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8296d46f8,0x7ff8296d4708,0x7ff8296d4718
      2⤵
        PID:3776
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
        2⤵
          PID:32
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2520 /prefetch:3
          2⤵
          • Detected potential entity reuse from brand GOOGLE.
          • Suspicious behavior: EnumeratesProcesses
          PID:2256
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
          2⤵
            PID:3040
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
            2⤵
              PID:216
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
              2⤵
                PID:2996
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8
                2⤵
                  PID:2648
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:2280
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1
                  2⤵
                    PID:2064
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
                    2⤵
                      PID:3568
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
                      2⤵
                        PID:4944
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,5420437847314310407,13467310819388479709,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
                        2⤵
                          PID:3768
                      • C:\Windows\System32\CompPkgSrv.exe
                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                        1⤵
                          PID:2356
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:2444

                          Network

                          MITRE ATT&CK Enterprise v15

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                            Filesize

                            152B

                            MD5

                            6738f4e2490ee5070d850bf03bf3efa5

                            SHA1

                            fbc49d2dd145369e8861532e6ebf0bd56a0fe67c

                            SHA256

                            ca80bbae3c392e46d730a53d0ee4cfecbbe45c264ad3b3c7ee287252c21eaeab

                            SHA512

                            2939edf5e6c34c9ea669a129a4a5a410fbbd29cd504dc8e007e9b3b3c7fbb9bea8c14d6177ac375d0c481995774a02d210328569231cb01db07b59452333b22b

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                            Filesize

                            152B

                            MD5

                            93be3a1bf9c257eaf83babf49b0b5e01

                            SHA1

                            d55c01e95c2e6a87a5ece8cc1d466cc98a520e2a

                            SHA256

                            8786fd66f4602e6ed3fa5248bd597b3f362ffa458f85207eaa154beb55522348

                            SHA512

                            885b09dd3072921f375eedb5f0575561adc89700ecfbe999bc3e5ea1d7cb45e19d85c5e420f2c0a12b428742e1110e66f4ceecbe5a6badddd36cc9e0aff48e52

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                            Filesize

                            192B

                            MD5

                            371b15d3accabf6bfeeacf530b042212

                            SHA1

                            01b565c22c279dc2bf57b4ce71fc147760e1b5ce

                            SHA256

                            2d6add35f8b8ab5277aeea159aa7a3035ce58b25acf08bb2d2025c41cc418385

                            SHA512

                            1edc24b05c31816dc6b24c056dde24dd08c4a13bd0f657ce5dfdc1d51f2f9518aedd9be619969180e69d506e52580f4b2190e60386cc813268153e1037f58e62

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                            Filesize

                            257B

                            MD5

                            e26f479bc9febf7ec3c281e806902c0c

                            SHA1

                            120cc629c16c806763605790df5175cf293329cf

                            SHA256

                            cc8ebf5fc7c613b254b81b050f5d79beb7ce1a7ca2c2e5ce888a27944f389d0d

                            SHA512

                            4ba3e79ae363b93345ba57e2490fdb6ae7a175f73d7ce0fd767643fd47494f8970a861f2b33af82acde61cea8e9b41f7918c94632848fd5dc36799767a8def19

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            6KB

                            MD5

                            860fa8b2cb45303869222af67e2d9b74

                            SHA1

                            db1302e8431a66908930c3a331ef8d1751b748d9

                            SHA256

                            5edceb989a3650f88f67a356e7c353824d2c9a0bd97b1b547c2a996babe503a6

                            SHA512

                            f1ab87357321c0521473cb248eca444b2b39c2407d2795cf8bba1cdcd61a970ee21a44b55b5f711bfdb1413212058fd35ae9803d76086fd992be62d5871efc3f

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            5KB

                            MD5

                            aeb07dfc689fdf784d1a27130779a86b

                            SHA1

                            93324fdc84d2a743fbeed4829254eb7debacd4d9

                            SHA256

                            9855313978620275dff9cc4e7eed03113acc2485f1383453af6f9995b5dab927

                            SHA512

                            275a8d1c614d32df7e6b2d9d46d0d2424b23109c7e74d0e3ca7b329eb3224791add0e87d38ef2bdc95816089a7e698cab351653d8d63e1eb5a5febca25b0e8fe

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            6KB

                            MD5

                            84f323d5a94f53e0473235c51e5c405d

                            SHA1

                            a9bae44004cf5e2e1d0a04ede5ccc4ac4dfb715f

                            SHA256

                            61d8514a9b5449c2dcf98953d74d7b4805c99790df1cc53f1924fb278ba63fe3

                            SHA512

                            6cd7831a38623cbbaa4406ff7c68b25673cf7e3c97893a0d5cda5ae99cef6c09a00e27290e691735ec7033ce83b1c29578c62f42fdfd4da71b5f0694d204e7d9

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            6KB

                            MD5

                            961da1a44269bcd7a32a6335bbb7386d

                            SHA1

                            96c27290256e52fc5216e8fff587847515a6baa1

                            SHA256

                            f17bfb8f165a5376818c94617e1ff584c6821a2c2ebbaf06a090ad4e27b79517

                            SHA512

                            910ce93b868f47778094268d3bcfcc1f9b9e8af8120f544d82c014559ae4d3fdf4959e7da49a648b03b56f3a581de2b98342a43e94cd73accb138b7f4c8d2f75

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                            Filesize

                            16B

                            MD5

                            6752a1d65b201c13b62ea44016eb221f

                            SHA1

                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                            SHA256

                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                            SHA512

                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                            Filesize

                            11KB

                            MD5

                            71fc9ee7a02919acbb5dd7517a77c120

                            SHA1

                            5bfbd162c70010298a075c0525426957f56f90dd

                            SHA256

                            2fb368668144086dc7109d0ef1098a0529c118102a6e6211e53b618a0628f57d

                            SHA512

                            9f008bbae98e7158cc3c9dfb66a7a7c7b9309df5b41b35ffc1f4775bc705175dc2616c4899c796d6e1ae0defbc873fc6ffc95d62d377c87c71427b452663d4d4

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                            Filesize

                            11KB

                            MD5

                            032188b6c33b277533d283d7756f0f3d

                            SHA1

                            88e335798988b7347e1da2ad27f0a47aac410654

                            SHA256

                            70b4e09fd8ccb7fad842abcded2b825c57cc08edccf335c0d9b0df0dbec117d8

                            SHA512

                            60c70dc3ff0744542199eab5aebfbc35f36773f420aa01f73e09ba231111f8bca96242ad23283db8f8c408aa40c6a5f677fef0936924b32831f8e9cdbf018d66

                            Download Submit