Analysis

  • max time kernel
    154s
  • max time network
    157s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20231215-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    22/12/2023, 15:55

General

  • Target

    e351f5b9a38a593ed40e245cc54f788a

  • Size

    1.2MB

  • MD5

    e351f5b9a38a593ed40e245cc54f788a

  • SHA1

    cdc2be70d70e589ba24981c6831ec6cd6013cde0

  • SHA256

    19c757b1bf9fe5022de231b9d91cedab535771fbbe41d07d62909be03476b975

  • SHA512

    21cc2acb58c6cb28b94cc17bd8627c5322d31bb7619a229a8babf25993e5f6882be3e1918fad8ea0dea8ec0fb5dc4338bf497b9b3bc898d8fb06af2897c78ca4

  • SSDEEP

    24576:pD4BUafyp9vpL9zBMIjOY4BXDxNAvEJXnu2jBwWHjl/bOS6xkO30:Z4BUafyp9vpLVBMPBXtNICXu2lw6pOkd

Score
6/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information that indicates whether the system is a virtual machine.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses the contents of the /proc filesystem to enumerate network settings.

  • Reads runtime system information 1 IoCs

    Reads data from the /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/e351f5b9a38a593ed40e245cc54f788a
    /tmp/e351f5b9a38a593ed40e245cc54f788a
      PID:1538

    Network

    MITRE ATT&CK Enterprise v15
