General

  • Target

    774c83dc5d3445606dd21463e6944dd2

  • Size

    211KB

  • Sample

    231220-bfgrzsgeh7

  • MD5

    774c83dc5d3445606dd21463e6944dd2

  • SHA1

    118852631b0d7ed83e65b2a6f8224740e7443ef4

  • SHA256

    4f9e162882aa0d8619c7d8f391075d29bf656e943ea9eed7ef7a586dbbc59842

  • SHA512

    851ebfa3269b54fd85df8d2bedb4580c0016f7683b443553bf8a0f3e7e72cf48662e962185b44cfb3ec6dc504a622eb4b6b5fa6d3fdf6725200353d8235dd9ec

  • SSDEEP

    3072:fhahz/4OQTeCJllo1yFIUEPM7V7Fqm7e1H1TXhkmU8h2aAOJHJZNJ:QFC1ogF5pU1H1rhkmU8h2aAOJHJZNJ

Score
10/10

Targets

    • Target

      774c83dc5d3445606dd21463e6944dd2

    Score
    9/10
    • Contacts a large (50158) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
