Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

.bash/autorun

ubuntu-18.04-amd64

6

.bash/autorun

debian-9-armhf

6

.bash/autorun

debian-9-mips

6

.bash/autorun

debian-9-mipsel

1

.bash/makesalt

ubuntu-18.04-amd64

.bash/ntpd

ubuntu-18.04-amd64

3

.bash/psybncchk

ubuntu-18.04-amd64

1

.bash/psybncchk

debian-9-armhf

1

.bash/psybncchk

debian-9-mips

1

.bash/psybncchk

debian-9-mipsel

1

.bash/run

ubuntu-18.04-amd64

1

.bash/run

debian-9-armhf

1

.bash/run

debian-9-mips

1

.bash/run

debian-9-mipsel

1

.bash/src/match.o

ubuntu-18.04-amd64

.bash/src/...fish.o

ubuntu-18.04-amd64

.bash/src/p_client.o

ubuntu-18.04-amd64

.bash/src/p_crypt.o

ubuntu-18.04-amd64

.bash/src/p_dcc.o

ubuntu-18.04-amd64

.bash/src/p_hash.o

ubuntu-18.04-amd64

.bash/src/p_idea.o

ubuntu-18.04-amd64

.bash/src/p_inifunc.o

ubuntu-18.04-amd64

.bash/src/p_intnet.o

ubuntu-18.04-amd64

.bash/src/p_link.o

ubuntu-18.04-amd64

.bash/src/p_log.o

ubuntu-18.04-amd64

.bash/src/p_memory.o

ubuntu-18.04-amd64

.bash/src/p_network.o

ubuntu-18.04-amd64

.bash/src/p_parse.o

ubuntu-18.04-amd64

.bash/src/p_peer.o

ubuntu-18.04-amd64

.bash/src/p_script.o

ubuntu-18.04-amd64

.bash/src/p_server.o

ubuntu-18.04-amd64

.bash/src/p_socket.o

ubuntu-18.04-amd64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e7a072e2ab6aef77355920ba7303f81

  • Size

    1.7MB

  • Sample

    231222-p19v6adbb2

  • MD5

    8e7a072e2ab6aef77355920ba7303f81

  • SHA1

    77b34668df7cdffa531c576545486228fa2dcf14

  • SHA256

    156287748d8c91640ad89b9393566b283a126674167e796f2dc481f62bac8e3c

  • SHA512

    a0727a7b4eb07a8345fba0159773fe6f2b12282181791b9ecdf4ec5bec938e6817a965298f984dc32c130a2bb451129664b0ca3337efdc1dbeb718247448f527

  • SSDEEP

    24576:1hKCQ8qyiyKKDx8AdX55C5CMcE+YO3/sqjtYujBzSTQIRlsIN79aBpUWIg:eCKytT/5C5CMc8wsqxYuFeQWlN9aPz

Score
6/10
linuxpersistence

Malware Config

Targets

    • Target

      .bash/autorun

    • Size

      327B

    • MD5

      167f53692010bdbe9aff7f5d29930bdf

    • SHA1

      ea5c47baefd3bb65145bc14d191fb68f53d85e76

    • SHA256

      9b5fe82b07db25b24e75789fd760d1065ea0215410f12eaf06bcba433b0874c2

    • SHA512

      03e3eea8fa88b4f9994110cc5113b820579059042027f030b0966bf3f948c7b637985ed4bf8a43a3b9b4867f9e4c175b3910d01dd81df5cbd2ece65f9cb655a5

    Score
    6/10
    persistence

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      persistence
    behavioral1behavioral2behavioral3behavioral4

    • Target

      .bash/makesalt

    • Size

      5KB

    • MD5

      bb53adcad31359d38ef1a2cd63abb1bd

    • SHA1

      20db3c6a11ad577976f64b76ea0ab679b4742490

    • SHA256

      7bfbcb6ef0067c564b8038aae197e1d499d63605be6f84d0b3abbed94da74300

    • SHA512

      0d89f889041e4e51966db6b1564878c7f7a360e2724fc0ddad2bda27450b3bd9a49be55fd28405c5334bc2785feea1bff2941d2b0a76357ea6b8757f08d73ce6

    • SSDEEP

      96:fOPQq+N54F4sQwWMV/y3vreEOHdSRk6Qq+2Eajy0YD8cn1+5/SwBjktB:fHwWP3vrWvMRjMv1

    Score
    1/10
    behavioral5

    • Target

      .bash/ntpd

    • Size

      434KB

    • MD5

      d7cb8d530dd813f34bdcf1b6c485589b

    • SHA1

      ab23fb28eaaa22a7e54cdc4b04c21745c0e506cc

    • SHA256

      fc931afe19846305625b023a37c464a427fc3d632f63e6b79811e8cde4ca67ea

    • SHA512

      76d2955dc036705ffc4e962d2660f6d236f9b336eb99e2387f0b9f58fd34b1c4079a423fa0017597f0597f1155501e8c6de834ff072a0103cc431544384857f3

    • SSDEEP

      12288:3KmfrVWs3a/0Qd0xFoL2wPIYqpQIznUwGRRYMntiTMAC9DyzXx:3Kmrwsc0Qd0xFMIYqpQJwGRS

    Score
    3/10
    behavioral6

    • Target

      .bash/psybncchk

    • Size

      369B

    • MD5

      9357d73079aeb1d8ff31ca7418bf1c2f

    • SHA1

      02f9d22cbc30e89c53c4c8f6c070fa8d2b4785c1

    • SHA256

      42ac148c3b73b8d4d47f54fd03a65f97c2b3495b20a1640f88d45b97d86c2331

    • SHA512

      65b21aed9ff27e4f5b38b946d4a9d50fcbc3380a0eb4153e73fc58786c4b446e343ec9c370f1cb7cbc5ad68f1d062b36303935a713b46afeeec8a143232923ed

    Score
    1/10
    behavioral10behavioral7behavioral8behavioral9

    • Target

      .bash/run

    • Size

      35B

    • MD5

      f1c46ed9e0a7bef20464645324b26477

    • SHA1

      0002ba04c7c5c39c5db354c60f27a7003764d527

    • SHA256

      d7adebec884636b9c5244b949d4a7c2a02087063d652816ad57a7d2bac0ba5c2

    • SHA512

      72a6d03ec40cdfe0b4d02dabba3adf08fdcd3815b5dbf69fe2272edf0722a3fedac8f503b6023c52458604da79370ee727e053affda86e7c333741783e82764c

    Score
    1/10
    behavioral11behavioral12behavioral13behavioral14

    • Target

      .bash/src/match.o

    • Size

      2KB

    • MD5

      0b1d2b7eda76610edb8502c08020a6dd

    • SHA1

      7421ced528dc5248a66a98b4a723955b083fa100

    • SHA256

      75655b75b41be99ff552255ffb3f144746a5f73ee3fbe99b179a4b70c998d13c

    • SHA512

      4d982eb027953af7e5a2cf5acbc1887400b54c71c1b5982e21a547ad8b5eaf11b7d1eb7643bad04db7a4bf37095a0b1e5da513a8a7ca92b7863657f5f9ecb15f

    Score
    1/10
    behavioral15

    • Target

      .bash/src/p_blowfish.o

    • Size

      11KB

    • MD5

      381a7200eb1d3be5c554db2fe052e9cd

    • SHA1

      852a3fba9a0d6ba0ee208a9b628dd9a94ee55dde

    • SHA256

      f1627b68b5b456b8ea84adeb707e5890684ab3d5489ed091d92ec94ad54cb3d8

    • SHA512

      c919585e3d8bf99a4e4fa1a0d4718e0bae2bcff0e74526668e1f849f9356457baa45bafe1bd2a6dc73497efe0d3f1dd3d2909ee314f3c09f47405562c681e577

    • SSDEEP

      192:DZ8Eu0zuOuOe/u0zuOuOelVBu0zuOuO8lrJV1NpHJAyZJg8D0KThxA+rAQE+tnJD:DuOuOuO2uOuOuOm7uOuOuO8l9V/ppJgY

    Score
    1/10
    behavioral16

    • Target

      .bash/src/p_client.o

    • Size

      61KB

    • MD5

      37d4451f87905b38e047f700925b7dac

    • SHA1

      52cb18dffffd0ecb57e4b4fc997e2fd3535f4a16

    • SHA256

      836cb35acf342d092a0a9713099b49f2888bd8f3dcd7dc7256ca37edcc3c2dda

    • SHA512

      3525536adc0902037cb7eabb7fc16abaaca4dee20798684c18f03bddc96278a1d701350c82f65b2907ad73c82d60a30cc626f919e68b175b7be5c9012621cda7

    • SSDEEP

      1536:ZCriAnQjxZqooCiFfJYS061jWuEIhpPecni5rXOtnrR:VUfCI1iunhiRsN

    Score
    1/10
    behavioral17

    • Target

      .bash/src/p_crypt.o

    • Size

      2KB

    • MD5

      425618653eaa249d4dceba29c85db43e

    • SHA1

      5455501a66ebc1d371f600499d01d74b7e9894b3

    • SHA256

      4fcf002f991566d2b1015875760220e6fe469f26b16660976a47540d4cda5872

    • SHA512

      e1b4fdd73c2759138e0dfadbe6e5209758a27fa9109029416e2bb2c92e53425132390c3f7b1500459dad8d1240aa7665f4b0d5b5d76328f092438f087ee81944

    Score
    1/10
    behavioral18

    • Target

      .bash/src/p_dcc.o

    • Size

      23KB

    • MD5

      d92e5969f09b0d5ae2e6b283edbf1e24

    • SHA1

      942559cb3f8179a6475a888abed3a62bb385ce7d

    • SHA256

      06c33dfc2141ddf095b1c67108558c0b7394a2d37c0940a65f9b88f25e7f1222

    • SHA512

      3c9b8581db0976035d1833071453015f5fdaa879942361bb5fa43ae4df68be48fa2c2eecdbfd034c04d8010e8a04f8eff4bcb3d7d160320d7f80d264f1d3e9ba

    • SSDEEP

      384:6iqvpuAYa6fG9+hbn+nHpk8ita5wvjuEkMguolDHQj+sYOPRnguQtRAq9etsfMrD:ABQ+nHpk8ita8kQj+sVJ5QnH9etwjjcZ

    Score
    1/10
    behavioral19

    • Target

      .bash/src/p_hash.o

    • Size

      14KB

    • MD5

      0b38d3f42d3919fc4ee336d23e906bb6

    • SHA1

      12e6dc6127e98e369c47222b7f32c2fb99968faf

    • SHA256

      b5407fbd27842369ec9651d452976f85dcf10d9ef5c3209b35e9ec082ff6bb75

    • SHA512

      f507eaae068c1beae8c286f6176b58d235ee7d64fed81b42f2d7a9bdbd22305b632eef2a80a0369c3b3af0aaf5762f70275773244682ae474126f4573734c903

    • SSDEEP

      384:FqXjYt+X4WOSjUwzH84ni+37zDP/s60A3UfHlSazQtrwGAaTLjq:8XjYqLi+r/ndxkfFitrTAau

    Score
    1/10
    behavioral20

    • Target

      .bash/src/p_idea.o

    • Size

      7KB

    • MD5

      e92302aed64c70a6b310987a57bf51a5

    • SHA1

      38704cacd9506703ab2918a565a91b2e4c783b0e

    • SHA256

      be7403f97fdf096ab46e2b3ed6e6360e8b54139e4a7c6dcd12048a2ea6fd2890

    • SHA512

      c6f1f8daaa017b97a2b5f10db2fa3d680212d1166e3ff9702c59ef923263ea46b5007e287329ded61108e7369e3cc374b9ee758a23ed4f19787f59e5f1ae11f3

    • SSDEEP

      96:P2PBOH7lvyauLDw7IdkA6hpurEIG82BIhW23LusPja/bxzdrnOK3wKvlSoH7teCk:uPBOH79fI59Lut0gNSohNQKw/

    Score
    1/10
    behavioral21

    • Target

      .bash/src/p_inifunc.o

    • Size

      6KB

    • MD5

      ff3d122762b8bd5568f06dad51b300b5

    • SHA1

      9bc6c0488f22d4986c261d5ccba1519f24342c38

    • SHA256

      140616af14a47dd2a6ef1fcf061447fe0ce02d8ce335a13e5567cbc2fe2c382e

    • SHA512

      74fa93ee42ea0b3fc4d146aabe82f9fd69a07a0204292a17210cbcce41ae7fa7ed525eec8db9ba3d3c5b7ff93a66d943b8ae6ffc0b9f0a716f6e1d8b3cf1f565

    • SSDEEP

      96:PJDRdTKOh4srGy783TXTICvf9XjhaY2MP9OszNZIrtarCLlI1bY7+R:pHFyTTPVXUMl/IkwlIxYyR

    Score
    1/10
    behavioral22

    • Target

      .bash/src/p_intnet.o

    • Size

      29KB

    • MD5

      d25c26c0212a37c173491ce8bce9e474

    • SHA1

      db47080420743c438dfa6d68ff91c0ddeb5ec292

    • SHA256

      6658cb5ba12f6584e20629b85ce1419b04cf362474d1f220005002be69347861

    • SHA512

      0477cf60185ab827376001ef02c6a2ac75370acade20def06bcafe2f3c948ecfcafa9af9b846eae5f18a5234e1c85f48ced36ae826309ddde182fd82a7de00bb

    • SSDEEP

      384:JLsaysVXZAsXHjX+QXJR9Xj3okXYgGKQOTXgISZO671XnlXMkJhAv2BkVAzjZrMa:Vsay6nqrjhA+o6VoXjrawTavV

    Score
    1/10
    behavioral23

    • Target

      .bash/src/p_link.o

    • Size

      15KB

    • MD5

      a27633ebe9f72106006cbae78e78ce9e

    • SHA1

      3d0de2e3b776d465858aa0a0759e57b4139aadfe

    • SHA256

      a8f2c808503ccfb891d1912930b45e92572243979e4084c60b0a06a1080cf16c

    • SHA512

      a1813a4d2d6675a4f68d943b02765ac50e93e89dabe1059030ed5465ec2cb14aaf002cea8b7a612c596be3637143e05aab54becd5987d4bd1e6e5603fd4141fb

    • SSDEEP

      384:Vwbexk4dUBmy1U5mFtEcO7Hd47n2o9fnYBMtb9vaN9i8zjO7PGNlLF5D3FHNSVng:3k4dUB91U5oecOx4J7+NZF5jFtSRfhLW

    Score
    1/10
    behavioral24

    • Target

      .bash/src/p_log.o

    • Size

      10KB

    • MD5

      0aa2bda64483dd7841dcc66f7f17c2ab

    • SHA1

      6df49769c30012d5b71ee659bbb9ddc17d200a41

    • SHA256

      ed2fceea00626039545b8f0b0eb83877d3ed28de1b3fc9c0353033bc39858697

    • SHA512

      404faa7754f15d4ecd5144056b4a254764e76d5de95e1d37b0969035e51fb4480cb1bd3f59a50f56e7957cf74a825cbe6aac8e4b5577ed812d04ff0b651809ef

    • SSDEEP

      192:OjQz1RXvZGqQIaFST8RWoJeux3vyJR32Dgp1I48YZOqf8QAKh0SRRdL0W+Il0q:O01RXvZxQIaFST8RWY3auDe1I4Zf71lR

    Score
    1/10
    behavioral25

    • Target

      .bash/src/p_memory.o

    • Size

      8KB

    • MD5

      6b5e932203811a68fbf45b1bd5ad4425

    • SHA1

      7fb05861345814bdc07ea23a615b17a8ce57319d

    • SHA256

      621915a746aefcf23997909e83aae978c4f57dee2bae5b026e84ea94d264f63d

    • SHA512

      e0530954c68934baeae0bd04164bbb34536fbd454d4e48ae39b80a6e82092e95a0bbef7930a3ed44e8cd6cf4d4bb248bfcdfdb47a4e5995e32e5d828267eec0e

    • SSDEEP

      192:2GcJnfuJmhbU4J/v4ANuBrsu4u/H39qkR:tuQ83HuP39NR

    Score
    1/10
    behavioral26

    • Target

      .bash/src/p_network.o

    • Size

      11KB

    • MD5

      187bb2a1184793392e0a820f321f5d9e

    • SHA1

      370f58070814899913d7e977438f2555a9285dad

    • SHA256

      3af8683b795139606183925a0a285dc8f9c70edbb190660140026225dfb5056a

    • SHA512

      f09cb5220fb67552c66c3b94db4668391d0f25a270048d8b98faa6bdeedd9e96cdbce834add6fb0581e431add8e25916d2c84adb3a711debfb682aabba3249f8

    • SSDEEP

      192:S/vEjqamHPM5u/CB7A070rUQcEbSyC8/ICR/OqMYEFFCaId:S/vEjqamHPM5u/CB7vYrUQHbSyC8gE/z

    Score
    1/10
    behavioral27

    • Target

      .bash/src/p_parse.o

    • Size

      3KB

    • MD5

      20fb132d07a5607c42e66404b3a6d9dc

    • SHA1

      2683f935b69843b6cbc4c2cf19164ace9a036034

    • SHA256

      618a330c7a63eac01c7d3d9c53014b7a27fa2b655278cdc4b37b1877a5303c20

    • SHA512

      64089df87f8756e018ccfec801ad17fb5ccc041611a4e6422dd78e9e0040192f508e9059f5b4e22de75b749d56ce7410b8d5c0e65cd4a0af6bdda40b86289446

    Score
    1/10
    behavioral28

    • Target

      .bash/src/p_peer.o

    • Size

      14KB

    • MD5

      9116ce3854deae757811d673cd05844f

    • SHA1

      00d4c70b5f0197641cbded9bb6363af55398fc22

    • SHA256

      c157939624d19696ed33ed2652dc90717edb35b962984da03c5cffe4ae1763e1

    • SHA512

      89776904bd623630d0f98febcf97f10643883b24d74799e2c3d4c1b9bdf5c5f3ed30ba19e9e679a933bca42f370ce22cdd8d91cf1f8f5a1702195deb38dec379

    • SSDEEP

      384:YHsuQQUWQo9rPykqjVkClKbX3UcQ7p8TI5tIzC/TWsY2tDTYTsI0eHJ:YHsmUNo1VWWUKHUj7p8Mu4q12tDssp8

    Score
    1/10
    behavioral29

    • Target

      .bash/src/p_script.o

    • Size

      16KB

    • MD5

      b127cc4b6866c52ce69bed9447789d53

    • SHA1

      561b4f8af9dd3eb9670ef105543e291c4900e00e

    • SHA256

      dd6f170d49ccba1a861a187d8a9312f1d4369e7ea605fa287e2f22e9dd740b7a

    • SHA512

      2421a8fdfff52b156cec197cd985267a97331eedca29a687d151b21af8c1560ebbdf27bac5dde016af71203d6dcb109dcff5736891dcc16136599f15dcfdb98f

    • SSDEEP

      384:pWEtuFviXIPhBrtomo/muXgjxhpjSlF7VC:pWMUBJo37XOx/jSlFg

    Score
    1/10
    behavioral30

    • Target

      .bash/src/p_server.o

    • Size

      26KB

    • MD5

      1db8110bc7c3d9a01bd2b7829254e00f

    • SHA1

      d0f8e869abb3e66697cc59c3e2df0f35cce5a10b

    • SHA256

      c96c388dfede03a3f41ac8818624e79234d4e2bdbb205d985141687b9beeed43

    • SHA512

      567be97acb91b344c725673441152b2adcbcd19446d6b3afed5652fa2ecc6bad1cfccaa6252ff528fc2945f8380364fc31a120de12e7b2f9b70e8a61b6fd3a9c

    • SSDEEP

      768:g8pS1X6rTWVpZeZ4VX86c0sQaM5fcRCsJFkIvPZl:geAZlaufccsJqIvP

    Score
    1/10
    behavioral31

    • Target

      .bash/src/p_socket.o

    • Size

      12KB

    • MD5

      77eb1f57b5c3e75221d3db1c691e6240

    • SHA1

      ed178acdf3e1abb226084ba3b979aea34c0a0b21

    • SHA256

      1fcdcf2743a891dac4dd667dc2b741d3a67e87537c3dac1e0d98466e5c7c9d75

    • SHA512

      feac932c38eb792eb17c3a4db6660b711dc79d7b7598e6d128d040700cbb09f1be88d89743c00a3c575565bdca4d4804892c24dd0efe910e7451b5d16aef7035

    • SSDEEP

      192:Zi6ZKmKDOiFBp16IbMhBtml6BtX+4zlmFq0ATA6xT9HNFsn:N0t6iFBp17MhHtOF00ATA6xTN4

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
1/10

behavioral1

persistence
Score
6/10

behavioral2

persistence
Score
6/10

behavioral3

persistence
Score
6/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10