General
Target: 8c8625b18cde7b370db2be9112b9d39d
Size: 112KB
Sample: 231220-hg2bcagbel
MD5: 8c8625b18cde7b370db2be9112b9d39d
SHA1: a373e0c7ac3c9281755b79d7cdd4ca680744ff83
SHA256: 6ede01822951ed1619fdcc9f5ca49fce386ee237f47b8767a88fb20b463ef2ad
SHA512: f00d19f447079cdad118bad348b30f69272d09a861f104efb274cc12091dabd052c960d9a0d5c806b53322471bc05d30aa8c7aae711b06fa5d251e8ed893bd05
SSDEEP: 1536:1tnQKGYU+uvZ0bk7M5hcOV8hu25RGIqA+MmHu3pceh0eZ4iw8+oze3:1tn/GYUzMXyDaIchO61wxwLo2
Behavioral task: behavioral1
Sample: 8c8625b18cde7b370db2be9112b9d39d
Resource: debian9-armhf-20231215-en
Malware Config
Targets
Target: 8c8625b18cde7b370db2be9112b9d39d
Score: 9/10
Contacts a large (132705) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Writes file to system bin folder