Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
25047s -
max time network
151s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
-
submitted
24/09/2022, 14:21
General
-
Target
skidv2.x86_64-20220924-1421.elf
-
Size
66KB
-
MD5
fc6d0f18c2b86e9b787b1a856c2e4d5f
-
SHA1
bb574e43a9784e5eff1771b4745094338feeb8ed
-
SHA256
685a6fbeb5fb12719e1efb48f2c5fc6a4f86a4b6950fa1bf214140b409b36422
-
SHA512
ef508290b3e7bbd0de5fce8f4b714308bdb2a3d28fa75d6fdd9038c8ee21a5b25db18d682e3596e34d0e6d546ab1fb863cca357651a06f17ee93af9b6ab53298
-
SSDEEP
1536:pUluhdikJUVWMxMa0cFdy3cwpwVp5bqlG3I9lau6YLYbqFUm/VLt:iuhdiaUMSMa0Kact5WlG3Iz6YLYDm/Vh
Score
7/10
Malware Config
Signatures
-
Enumerates active TCP sockets 1 TTPs 1 IoCs
Gets active TCP sockets from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information 24 IoCs
Reads data from /proc virtual filesystem.
Processes
-
/tmp/skidv2.x86_64-20220924-1421.elf/tmp/skidv2.x86_64-20220924-1421.elf1⤵
-
/bin/shsh -c "rm -rf bin/busybox && mkdir bin; >bin/busybox && mv /tmp/skidv2.x86_64-20220924-1421.elf bin/busybox; chmod 777 bin/busybox"1⤵
-
/bin/rmrm -rf bin/busybox2⤵
-
-
/bin/mkdirmkdir bin2⤵
- Reads runtime system information
-
-
/bin/mvmv /tmp/skidv2.x86_64-20220924-1421.elf bin/busybox2⤵
- Reads runtime system information
-
-
/bin/chmodchmod 777 bin/busybox2⤵
-