General

  • Target

    8c8625b18cde7b370db2be9112b9d39d

  • Size

    112KB

  • Sample

    231220-hg2bcagbel

  • MD5

    8c8625b18cde7b370db2be9112b9d39d

  • SHA1

    a373e0c7ac3c9281755b79d7cdd4ca680744ff83

  • SHA256

    6ede01822951ed1619fdcc9f5ca49fce386ee237f47b8767a88fb20b463ef2ad

  • SHA512

    f00d19f447079cdad118bad348b30f69272d09a861f104efb274cc12091dabd052c960d9a0d5c806b53322471bc05d30aa8c7aae711b06fa5d251e8ed893bd05

  • SSDEEP

    1536:1tnQKGYU+uvZ0bk7M5hcOV8hu25RGIqA+MmHu3pceh0eZ4iw8+oze3:1tn/GYUzMXyDaIchO61wxwLo2

Score
10/10

Malware Config

Targets

    • Target

      8c8625b18cde7b370db2be9112b9d39d

    Score
    9/10
    • Contacts a large (132705) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks