Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7d386ac57d8ddc0e544e3a69641c68b8
-
Size
157KB
-
Sample
231220-crxs1sgbfq
-
MD5
7d386ac57d8ddc0e544e3a69641c68b8
-
SHA1
dfe78f65e0bfc96dbed20b8ab5ca9398ced30bd1
-
SHA256
ad2aa8ad7e9f46168c811aae08adbe5e6ae58a8ff84cacd3aa0e630f84b08d14
-
SHA512
b3394b83bb129877091c17b7eea655f30ae538c62c9c5a89ff89b71f395a366baca969db4d505d776b73ac27961849e23d1bfcb08243c76eb51b7e711cb63d46
-
SSDEEP
3072:q1buCcJqcKxZe/3boPOkqNvfJTtmI5mPAZaQhSmWitCBNU:qGw5fybomlvfJTVmPAZaQhSmWitCBNU
Behavioral task
behavioral1
Sample
7d386ac57d8ddc0e544e3a69641c68b8
Resource
debian9-armhf-20231215-en
Malware Config
Targets
-
-
Target
7d386ac57d8ddc0e544e3a69641c68b8
-
Size
157KB
-
MD5
7d386ac57d8ddc0e544e3a69641c68b8
-
SHA1
dfe78f65e0bfc96dbed20b8ab5ca9398ced30bd1
-
SHA256
ad2aa8ad7e9f46168c811aae08adbe5e6ae58a8ff84cacd3aa0e630f84b08d14
-
SHA512
b3394b83bb129877091c17b7eea655f30ae538c62c9c5a89ff89b71f395a366baca969db4d505d776b73ac27961849e23d1bfcb08243c76eb51b7e711cb63d46
-
SSDEEP
3072:q1buCcJqcKxZe/3boPOkqNvfJTtmI5mPAZaQhSmWitCBNU:qGw5fybomlvfJTVmPAZaQhSmWitCBNU
Score9/10-
Contacts a large (15439) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-