Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

8d3c5dd608...e087e4

debian-9-armhf

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d3c5dd6087aab9b2dc0e95eb1e087e4

  • Size

    157KB

  • Sample

    231220-hpc9gsgebq

  • MD5

    8d3c5dd6087aab9b2dc0e95eb1e087e4

  • SHA1

    419c74e52d41e15f9397ea4bdc03eb9abb253613

  • SHA256

    f5c3cb71da600bd0b1c0bfe8174e9783e4399ff22cfa7dcea2f1d3bbc8387279

  • SHA512

    726a26e4d5e525a249d895808d174eab71475a6ff714e03abe457f3f7e52a3e7ce4a3052d85d0642293e0d1a718bc94321312ac4c2548c410ed0563101f9bc68

  • SSDEEP

    3072:bKuf0MsjRFNaffl3zeb0Oxuys/jDZz5bVHbCmnBQzvV6io:bKYM9afflyuyGjp7CmnBQzvV6io

Score
10/10
gafgytdiscovery

Malware Config

Targets

    • Target

      8d3c5dd6087aab9b2dc0e95eb1e087e4

    • Size

      157KB

    • MD5

      8d3c5dd6087aab9b2dc0e95eb1e087e4

    • SHA1

      419c74e52d41e15f9397ea4bdc03eb9abb253613

    • SHA256

      f5c3cb71da600bd0b1c0bfe8174e9783e4399ff22cfa7dcea2f1d3bbc8387279

    • SHA512

      726a26e4d5e525a249d895808d174eab71475a6ff714e03abe457f3f7e52a3e7ce4a3052d85d0642293e0d1a718bc94321312ac4c2548c410ed0563101f9bc68

    • SSDEEP

      3072:bKuf0MsjRFNaffl3zeb0Oxuys/jDZz5bVHbCmnBQzvV6io:bKYM9afflyuyGjp7CmnBQzvV6io

    Score
    9/10
    discovery

    • Contacts a large (22716) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks