Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
0s -
max time network
103s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
submitted
01/07/2022, 05:15
Static task
static1
Behavioral task
behavioral1
Sample
f4424871e85659bda17fcc19c5c4390535c7cda437f59d6e28a19cf3c67cef40
Resource
ubuntu1804-amd64-en-20211208
General
-
Target
f4424871e85659bda17fcc19c5c4390535c7cda437f59d6e28a19cf3c67cef40
-
Size
53KB
-
MD5
7541b2c757c5f8f2a240b0824f467ffb
-
SHA1
a516682bc7c670312af3225b3eedc95e6c8fe15d
-
SHA256
f4424871e85659bda17fcc19c5c4390535c7cda437f59d6e28a19cf3c67cef40
-
SHA512
8f8741974923a017f55a309c5dd915a84d9593c8a6891ab426c59e7a98ca8fbd21e55c77519cb4a9203664c2682ba89a24fffacf3d39f0d6579c1ccbbf0a65a8
Malware Config
Signatures
-
Contacts a large (10454) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Writes file to tmp directory 2 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process /tmp/f4424871e85659bda17fcc19c5c4390535c7cda437f59d6e28a19cf3c67cef40 /tmp/f4424871e85659bda17fcc19c5c4390535c7cda437f59d6e28a19cf3c67cef40 f4424871e85659bda17fcc19c5c4390535c7cda437f59d6e28a19cf3c67cef40 /tmp/fileln9xmuq9i /tmp/fileln9xmuq9i Process not Found