General

  • Target

    15e735df605b4257359a724731077fe5

  • Size

    98KB

  • Sample

    231219-2hsv5shhhl

  • MD5

    15e735df605b4257359a724731077fe5

  • SHA1

    2c4b589867eca42aff0b07995cc271134c075ff0

  • SHA256

    29504c6f5d42ab545f78e155f4c429d14a5b218c9ebaaf93946cf5db0bb50205

  • SHA512

    78f4212cec47acd5b50794129d5fe9463cad276ff93a3d16817672c043fe57627ac896542e2b8c1bee94cbfceb9660314dcdc9fc39514227d1b88ebe881d2601

  • SSDEEP

    3072:he7EqeQUHfPyjRJ9rBFKq2MF1QmqoVcqq6GnQOT:heZyo5Kq2MPQmqoVcqq6GnQOT

Score
10/10

Targets

    • Target

      15e735df605b4257359a724731077fe5

    • Size

      98KB

    Score
    9/10
    • Contacts a large (23844) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
