Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    9305f8d0a40653741cc334e9e9d410b0

  • Size

    156KB

  • Sample

    231220-jzxljsahfj

  • MD5

    9305f8d0a40653741cc334e9e9d410b0

  • SHA1

    74bdd415b3196543c5a35e77b5b85e14a77d2d66

  • SHA256

    840371cc8eab926c403795268813965e4055962768078d5cd441ec2fb23b81e8

  • SHA512

    70962693bb99837f10b23f3d0b1ecaab2d23b193d7c09be9bea92b3786304f5a6c7294ddab7b7c6349de3b69da47b186f104a39934a3163083c630674510d01d

  • SSDEEP

    3072:NMVhnf7YLx0Bedi1ebcRg/DJmUlGPaLEgvI6Nb:NonTqgODJmUlGPaLEgvI6Nb

Score
10/10

Malware Config

Targets

    • Target

      9305f8d0a40653741cc334e9e9d410b0

    • Size

      156KB

    • MD5

      9305f8d0a40653741cc334e9e9d410b0

    • SHA1

      74bdd415b3196543c5a35e77b5b85e14a77d2d66

    • SHA256

      840371cc8eab926c403795268813965e4055962768078d5cd441ec2fb23b81e8

    • SHA512

      70962693bb99837f10b23f3d0b1ecaab2d23b193d7c09be9bea92b3786304f5a6c7294ddab7b7c6349de3b69da47b186f104a39934a3163083c630674510d01d

    • SSDEEP

      3072:NMVhnf7YLx0Bedi1ebcRg/DJmUlGPaLEgvI6Nb:NonTqgODJmUlGPaLEgvI6Nb

    Score
    9/10
    • Contacts a large (22876) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks