Analysis
- max time kernel: 149s
- max time network: 152s
- platform: linux_mipsel
- resource: debian9-mipsel-en-20211208
- resource tags: arch:mipsel, image:debian9-mipsel-en-20211208, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
- submitted: 09/10/2023, 06:22
Static task
static1
Behavioral task
behavioral1
Sample
259b0c0c65f6836cc2ee8aa22da007415404231e178aabfbb4bfc11c7786f441
Resource
debian9-mipsel-en-20211208
2 signatures
150 seconds
General
- Target: 259b0c0c65f6836cc2ee8aa22da007415404231e178aabfbb4bfc11c7786f441
- Size: 194KB
- MD5: 12fe77575c11b698501e2068810823a4
- SHA1: 3a3f37333e298c3c6f2be18da4f5473454820d2d
- SHA256: 259b0c0c65f6836cc2ee8aa22da007415404231e178aabfbb4bfc11c7786f441
- SHA512: e65c461d82384ac75d5db674cf99813c5fed4319cc110b4a2f9ff9796359d8898553153e0a2c2c263fd0dccc23fd2a8c56aa2f8dae76f2cf5bebe5e4d0bf99ba
- SSDEEP: 3072:pxyieaRbJ1NvGCP3cgnSkVXi/S2u2g/gz:pM6bJ1NdcgnFN2Dg/g
Score
7/10
Malware Config
Signatures
- Changes its process name (1 IoCs)
  description: Changes the process name, possibly in an attempt to hide itself
  ioc: /bin/bash
  pid: 335
  Process: 259b0c0c65f6836cc2ee8aa22da007415404231e178aabfbb4bfc11c7786f441
- Unexpected DNS network traffic destination (64 IoCs)
Network traffic to other servers than the configured DNS servers was detected on the DNS port.