Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

.kdi/autorun

ubuntu-18.04-amd64

6

.kdi/autorun

debian-9-armhf

6

.kdi/autorun

debian-9-mips

6

.kdi/autorun

debian-9-mipsel

6

.kdi/bash

ubuntu-18.04-amd64

.kdi/inst

ubuntu-18.04-amd64

3

.kdi/inst

debian-9-armhf

1

.kdi/inst

debian-9-mips

1

.kdi/inst

debian-9-mipsel

3

.kdi/m.vbs

windows7-x64

1

.kdi/m.vbs

windows10-2004-x64

1

.kdi/pico

ubuntu-18.04-amd64

.kdi/run

ubuntu-18.04-amd64

1

.kdi/run

debian-9-armhf

1

.kdi/run

debian-9-mips

1

.kdi/run

debian-9-mipsel

1

.kdi/start

ubuntu-18.04-amd64

1

.kdi/start

debian-9-armhf

1

.kdi/start

debian-9-mips

1

.kdi/start

debian-9-mipsel

1

.kdi/xh

ubuntu-18.04-amd64

Analysis

  • max time kernel
    6s
  • max time network
    131s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    22/12/2023, 07:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .kdi/inst

  • Size

    6KB

  • MD5

    5f66ee0ca74596fdd6b675ec0d108565

  • SHA1

    9778bb3aa3fa9e11d86f52d2f2f35e30b38b0a61

  • SHA256

    63d2a133ae6985eecf8912081a978874186b45974ef4ea02735776a59462ea8d

  • SHA512

    25830b923ef35e8e58df8dac152fc0e98b2b0c6e9038f5ff17ace3a45d69c500f5252f4a8258f882d12be9ab320393d8d201401b25bbc2fde0b801d8a29317df

  • SSDEEP

    96:uWFiGJPvksmt7HiEiQ0pE0Jy2yiarL9swXX6XswVXxtwVXok+Vy2WMw:uWF9gt7HbjQkrbXcfXkXok+Vy2WMw

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 4 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/.kdi/inst
    /tmp/.kdi/inst
    1⤵
    • Writes file to tmp directory
    PID:1539

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /tmp/.kdi/.user
    Filesize

    11B

    MD5

    8730ebc48fd62377ddde8137ceffb5f2

    SHA1

    a8a6e84074dd1d871ee9466fc439844af0aba59d

    SHA256

    229e561328aaf7e094640455ca62d4fe420b0eb66bf869e12e214a6c7486d560

    SHA512

    ded820680ccaeab3f0f7e3fe3f7016441e8ad64b67c82285bb8e23aa43677557831c2f26802dbc9942be5c3681ec9af37377070867aa568752f906ca44763959

    Download Submit

  • /tmp/.kdi/.user
    Filesize

    45B

    MD5

    f1b5b0bc3af974e0cc2c99a49b07ed22

    SHA1

    bead12a28e1bb57e969b0d688f1a86f4c4dbddfd

    SHA256

    d12b8e2a4fdd03f1403e7cda64dbde3fb392ea3dfd550de7a2e83885ae224462

    SHA512

    7151b46b99e3f4ba3f856da96dd0bcc39665d5589fcbaf8bff0b20e4aa9a8962de5e2993d5a1d747de491b1f098c0270c806f76c74b48998ebd5b43caa0c0072

    Download Submit

  • /tmp/.kdi/.user
    Filesize

    53B

    MD5

    d005287ae962e69fac87fea4b74bd59c

    SHA1

    b6aef870f5de9bc4cf9cc7334f85578d41d12158

    SHA256

    b278f28fdc6f4f037925a284f6c38764db55fd41ca93b22e163e2258ee0a082a

    SHA512

    5e0b99acbdb45b16e78ba2aea32f455535f59e6a2ef7b90a75c6ce570becc916ebcf64d6c2394b852e2de623af1a9037b7a930e9f14a589c3db45a7ec378a88b

    Download Submit

  • /tmp/.kdi/.user
    Filesize

    66B

    MD5

    9c0c692f52fa7186dc076fe2d41b4674

    SHA1

    ce2f54d126c21a1e74ae769ac032e4782fd0bfba

    SHA256

    17313056af8d674236cbaade59020be3a4c6bfef9eca3f4e7ac5a6c7388d198f

    SHA512

    d510030b57b478e514afbff1143c7d24b407714ec66dde71c50fa301551c423ef081fbfaceeba0260d37cf1b5d85488beb4974f4edefaa3d30d9f788e9d0cb23

    Download Submit

  • /tmp/.kdi/.user
    Filesize

    79B

    MD5

    913ac507f1e54a92fbc20e1855cccb0c

    SHA1

    928a15bf3093a6cfaf8c4664ed93d261dd83f528

    SHA256

    8ebe92dd9a57edfc9aa2548e61f5691d643eb9dbc05868e2397840834a766090

    SHA512

    29a2c361204d51430276e0a217ec9bf2106687ac1b9ea4e2b33822a6f7b7676171ab03a2da4cf27592c0e0a74de7aa43c9bd7d5a748edb64a646bb16e3ce9730

    Download Submit