General

  • Target

    f44335b7b8b3fe04567de3f894ebd9634439cf30275335212cbe72805cbf58c8elf_JC.elf

  • Size

    110KB

  • Sample

    231005-x2tvbsgf88

  • MD5

    56914892ce20aa1bb1bc105443e1e5c6

  • SHA1

    02770ca948619ccaec8b5870ea1e12097562e83c

  • SHA256

    f44335b7b8b3fe04567de3f894ebd9634439cf30275335212cbe72805cbf58c8

  • SHA512

    bf4c6a3b27b0e2400f46449ed2a7a1ee51deb2da6ea139e5d6bd9b14a2c1dac4e2aaff089536405f143850965c6e9436620b41587a7e963083efd78d211efc41

  • SSDEEP

    1536:ZZkalZCevKSJSSSgMSnXKUFrIX3En/E1p6mtQYxWQ+qibro409eOd3Ly9df:Sejn1pIXU/E1NeYCqibro40V3Ly9df

Score
9/10

Targets

    Score
    9/10
    • Contacts a large (10159) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Deletes itself

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.
