General

  • Target

    mips

  • Size

    36KB

  • Sample

    230201-eerscabg42

  • MD5

    2a0dace3cfe5115995f26768f711f011

  • SHA1

    f5840e00ba9aaf28c5542944bfdfbd9cc0d0f281

  • SHA256

    bc5964d46a872260b429717a7263ccbece8592b34b84869563d6092c868a253a

  • SHA512

    b19af04fefbcdeb53cd812b8d0c979fbd96d6d13c1205ee773c754c887870fd4ef578799b8c0b5b8adc5a01c47491b9b5b770b0183bef5da47c156db518541c4

  • SSDEEP

    384:HeHq05iI2EGySkjocP9MjzTrT0jGLU1ZYORKEiSsd9dA/OmU4xki+nWy2xp4Rds7:+GIGjzb0fald9dsOpyki+nWyguTi

Score
9/10

Targets

    • Attempts to identify hypervisor via CPU configuration

      Checks CPU information for indicators that the system is a virtual machine.

    • Modifies the Watchdog daemon

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
