General

  • Target

    a54ef33307055cb96132c4ac405d8329

  • Size

    29KB

  • Sample

    230305-xz48aahb96

  • MD5

    a54ef33307055cb96132c4ac405d8329

  • SHA1

    8b8667eae92266d1301a90fe0d1c5c4da279f6fd

  • SHA256

    f71837acd9629898d65d32c655d021a06792aef8ef0b624bd9e2cdde6acc95fe

  • SHA512

    99fcffe69442e0b82d9bf58d40b86a5db765faf8a94485a287024665a9f1b528cbee38a90f6552e69fb507b7e0fc09988aba89beb0f364c2b53f635e661ca174

  • SSDEEP

    768:ICn8siAvV2IsJhcpzAp1UU0SWyEVwlMIxWq:ICn8siAvVkL0fpVmMO

Score
9/10

Targets

    • Contacts a large (85326) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies the Watchdog daemon

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.
