General

  • Target

    1b714a35d9609e55a5538e65f6a483bd

  • Size

    199KB

  • Sample

    231219-2kxbcaeah2

  • MD5

    1b714a35d9609e55a5538e65f6a483bd

  • SHA1

    030694a5cd1a31cf21695d7d8d8be61c8200d36f

  • SHA256

    c3b1846eec5d40bcefc0c15d5eb949044882aa9bdf5feb5cf7f9b8daa32443cb

  • SHA512

    3ff91cf02c21eb9865766dc25bf7456745820126e07cc7aaf3908caec3a537807455eea4c122374ca9ae68e22c0f55c6f71108bdb8d77062acc13dab43260283

  • SSDEEP

    3072:Ch5ZxgMNRrlSAnxCNbLondFONSeofhOglp91msaDht2oT15sRTo1yFu28RbJn/UY:mlK8ogFut/uLtnuyGDDTlPWDyaejZh

Score
10/10

Targets

    Score
    9/10
    • Contacts a large (68622) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
