Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    9fe5ea604ed3d4e68f75489ce286aabb

  • Size

    199KB

  • Sample

    231220-l494jscca6

  • MD5

    9fe5ea604ed3d4e68f75489ce286aabb

  • SHA1

    2639671a6bfce4bb16efdbdf2bbf2f1397d38390

  • SHA256

    8df9c2b7bf085261e91c2ceae0c032b693721f5ba15b718b989129cad6c40024

  • SHA512

    d5ed06934e902bfd6ea420a5dbc455508897006f01ccbbe4bdcc1c84c7490c07c48c76b0ecacb7581faf4f81d26fd7ae2b4a783d27ffc379a455ecf308cd4926

  • SSDEEP

    3072:9hcxBZYmBqgTQ3xSdL76KIVT1i+YHx+QV5tVpk6chD3geyHiEo1yFNOBPWruMIlG:lgNogF9SOrcXgDDTlPWDyaejZh

Score
10/10

Malware Config

Targets

    • Target

      9fe5ea604ed3d4e68f75489ce286aabb

    • Size

      199KB

    • MD5

      9fe5ea604ed3d4e68f75489ce286aabb

    • SHA1

      2639671a6bfce4bb16efdbdf2bbf2f1397d38390

    • SHA256

      8df9c2b7bf085261e91c2ceae0c032b693721f5ba15b718b989129cad6c40024

    • SHA512

      d5ed06934e902bfd6ea420a5dbc455508897006f01ccbbe4bdcc1c84c7490c07c48c76b0ecacb7581faf4f81d26fd7ae2b4a783d27ffc379a455ecf308cd4926

    • SSDEEP

      3072:9hcxBZYmBqgTQ3xSdL76KIVT1i+YHx+QV5tVpk6chD3geyHiEo1yFNOBPWruMIlG:lgNogF9SOrcXgDDTlPWDyaejZh

    Score
    9/10
    • Contacts a large (45097) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks