Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1a796f26d5...cebe86

ubuntu-18.04-amd64

9

Analysis

  • max time kernel
    30957s
  • max time network
    156s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    01/12/2022, 23:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1a796f26d5d9cc76978ecaa0ef63e603a47722545fa1e6939bd85144edcebe86

  • Size

    128KB

  • MD5

    dccb19b35c28110a7c2e436e5ea85c37

  • SHA1

    3f4dbc358e86ce7218b5b7855eeb9e1d7b60fceb

  • SHA256

    1a796f26d5d9cc76978ecaa0ef63e603a47722545fa1e6939bd85144edcebe86

  • SHA512

    4a6466a12876deb429e2c2632ce26a673408fd7521e3f377a7e498ba6458205a6ef9adb7627aa96846721fe61b5e83b54010d760dc58f46ee7aa86d081cec844

  • SSDEEP

    3072:/RblCSIsP4vHfwOjq9Iod7X8Fv+xHuWa+QruY1V1Ow23:/QEsHfwaWIg7MyutNqEK13

Score
9/10
discovery

Malware Config

Signatures

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 2 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/1a796f26d5d9cc76978ecaa0ef63e603a47722545fa1e6939bd85144edcebe86
    /tmp/1a796f26d5d9cc76978ecaa0ef63e603a47722545fa1e6939bd85144edcebe86
    1⤵
    • Reads runtime system information
    • Writes file to tmp directory
    PID:593

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads