General

  • Target

    8d3c5dd6087aab9b2dc0e95eb1e087e4

  • Size

    157KB

  • Sample

    231220-hpc9gsgebq

  • MD5

    8d3c5dd6087aab9b2dc0e95eb1e087e4

  • SHA1

    419c74e52d41e15f9397ea4bdc03eb9abb253613

  • SHA256

    f5c3cb71da600bd0b1c0bfe8174e9783e4399ff22cfa7dcea2f1d3bbc8387279

  • SHA512

    726a26e4d5e525a249d895808d174eab71475a6ff714e03abe457f3f7e52a3e7ce4a3052d85d0642293e0d1a718bc94321312ac4c2548c410ed0563101f9bc68

  • SSDEEP

    3072:bKuf0MsjRFNaffl3zeb0Oxuys/jDZz5bVHbCmnBQzvV6io:bKYM9afflyuyGjp7CmnBQzvV6io

Score
10/10

Targets

    • Target

      8d3c5dd6087aab9b2dc0e95eb1e087e4


    Score
    9/10
    • Contacts a large (22716) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
