Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1d9c24b08d654d09cdb5ee56de8d4ce3
-
Size
27KB
-
Sample
231219-2lvh5seec9
-
MD5
1d9c24b08d654d09cdb5ee56de8d4ce3
-
SHA1
33758f2c9b6ffb61f11016f67c665c8ec10c1432
-
SHA256
c8e019e63acaa2c70f28afd4305ca6588acc568cb1005ac6f7813ae3f7e76001
-
SHA512
7c9f76a58cac4fa166632364fc1edf82b24fee714073bd7e14121c9d1a00c9a94efa14e64de2114af5d3369f05152030d94df171ba2d05cfdae6bc2da142cf47
-
SSDEEP
768:1lBiH68RpezBkfkLTK/kqhjCD4PTLdyLoWeJ5BN1EJgGlzDpxYsH:HBAZjezTfKMqhnrLdJ5BNuVrYU
Malware Config
Targets
-
-
Target
1d9c24b08d654d09cdb5ee56de8d4ce3
-
Size
27KB
-
MD5
1d9c24b08d654d09cdb5ee56de8d4ce3
-
SHA1
33758f2c9b6ffb61f11016f67c665c8ec10c1432
-
SHA256
c8e019e63acaa2c70f28afd4305ca6588acc568cb1005ac6f7813ae3f7e76001
-
SHA512
7c9f76a58cac4fa166632364fc1edf82b24fee714073bd7e14121c9d1a00c9a94efa14e64de2114af5d3369f05152030d94df171ba2d05cfdae6bc2da142cf47
-
SSDEEP
768:1lBiH68RpezBkfkLTK/kqhjCD4PTLdyLoWeJ5BN1EJgGlzDpxYsH:HBAZjezTfKMqhnrLdJ5BNuVrYU
Score9/10-
Contacts a large (115374) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Deletes itself
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-