Analysis

  • max time kernel
    7s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20231215-en
  • resource tags

    arch:mipsel, image:debian9-mipsel-20231215-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
  • submitted
    22/12/2023, 03:49

General

  • Target

    gosh/scam

  • Size

    4KB

  • MD5

    fc457f091269f8303f5499043a655c24

  • SHA1

    cb8be781eb141222fe1f617911b6e89f40ecab06

  • SHA256

    c574d640d3e80fdc76992c4b872b7a3768a7dc54213cf49c0cc6b6c47608cfc3

  • SHA512

    770bce5e962feaede5800aa27e3dad89ee364eccb5aa4f01ad2c8bec6fcc32a27b16ea4833911b768c24d939fdb4fac7cb8af4dd7b204e975fafa2d427d5b092

  • SSDEEP

    96:Fymtc3nmUyp8zW9wnqoZpIS2baUrKhI/uVcTR6bEkIev45CC5MDmNA36Rnw9Wz8Z:S35eNbWf

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 2 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/gosh/scam
    /tmp/gosh/scam
    PID:721
    • Writes file to tmp directory
    • /sbin/ifconfig
      /sbin/ifconfig -a
      PID:726

    Network

    MITRE ATT&CK Matrix

    Downloads

    • /tmp/gosh/info2

      Filesize

      27B

      MD5

      176cc35a4c2033f0b8415b228e43ef9a

      SHA1

      fea20e6170240e12abb1969a72dd2160b5bbeffe

      SHA256

      879af0d43308e769dd98b058c70139debaf32cec4e38468e2b70a594ca07126c

      SHA512

      a14f93dae504c3af640dcded90b7055643eb45f16a4b9a0eeadde3027b8eed5039b66e80a0162642c43903cdc1e57f9b37dc69990b737df8be8a48ae166d7d8f