Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2c14fb5a5ce3159107d36998a0125604

  • Size

    124KB

  • Sample

    231219-2r645adegj

  • MD5

    2c14fb5a5ce3159107d36998a0125604

  • SHA1

    dd7cb9eb4b6fd31a43022b551d6a1b42bbdca51e

  • SHA256

    695f529b99a56c2796231e95bfcd8ec001b18267d602d67efc646f7dce44c264

  • SHA512

    b2d16997264dbd8abcf6da0c23e67fe4e2b3158b91e3431fed9a54eca679232a57df2ba3e446b9582d9b56bc55bdb9188a75e89884e75b8929ba8a2dcbf4cc7b

  • SSDEEP

    3072:EXK5gTpEEXRln17moxcQ+RxpusiG35ikhzD9oY4giAGaJpP:EXK5yEEXRdzc3OG35i+zD9oY4giAGaJ9

Score
10/10

Malware Config

Targets

    • Target

      2c14fb5a5ce3159107d36998a0125604

    • Size

      124KB

    • MD5

      2c14fb5a5ce3159107d36998a0125604

    • SHA1

      dd7cb9eb4b6fd31a43022b551d6a1b42bbdca51e

    • SHA256

      695f529b99a56c2796231e95bfcd8ec001b18267d602d67efc646f7dce44c264

    • SHA512

      b2d16997264dbd8abcf6da0c23e67fe4e2b3158b91e3431fed9a54eca679232a57df2ba3e446b9582d9b56bc55bdb9188a75e89884e75b8929ba8a2dcbf4cc7b

    • SSDEEP

      3072:EXK5gTpEEXRln17moxcQ+RxpusiG35ikhzD9oY4giAGaJpP:EXK5yEEXRdzc3OG35i+zD9oY4giAGaJ9

    Score
    9/10
    • Contacts a large (70536) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks