Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
136s -
max time network
140s -
platform
debian-9_mips -
resource
debian9-mipsbe-20231215-en -
resource tags
-
submitted
26/12/2023, 00:20
General
-
Target
45f345dd8221ca7d1d2e9222f55179d2
-
Size
97KB
-
MD5
45f345dd8221ca7d1d2e9222f55179d2
-
SHA1
76a3f069e80957124cdf1b1e041c13b6870dfffd
-
SHA256
54c48edfc4b9ad5b5b4e97842ed5c269374b77759b1a5bef654df3089d75311d
-
SHA512
7a35f04ccb5355e45c280ee1663b227e8b8570bcd5d64af0a03554f51f5235a35f780c60aec0739b2b4f7222e64600ed02163116cbd2d9973c8a94c222cad4e5
-
SSDEEP
3072:SYCZj/EZjBA3Vmqxq+7zIqStTmjNBcB9Y446QrM4HLFSQnT:SpZj/EZjczrEQT
Score
7/10
Malware Config
Signatures
-
Unexpected DNS network traffic destination 3 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.
-
Reads CPU attributes 1 TTPs 1 IoCs
-
Reads runtime system information 2 IoCs
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory 2 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/45f345dd8221ca7d1d2e9222f55179d2/tmp/45f345dd8221ca7d1d2e9222f55179d21⤵
-
/usr/local/sbin/python2python2 /tmp/45f345dd8221ca7d1d2e9222f55179d21⤵
-
/usr/local/bin/python2python2 /tmp/45f345dd8221ca7d1d2e9222f55179d21⤵
-
/usr/sbin/python2python2 /tmp/45f345dd8221ca7d1d2e9222f55179d21⤵
-
/usr/bin/python2python2 /tmp/45f345dd8221ca7d1d2e9222f55179d21⤵
- Reads runtime system information
-
/sbin/ldconfig/sbin/ldconfig -p2⤵
-
-
/bin/shsh -c "uname -p 2> /dev/null"1⤵
-
/bin/unameuname -p2⤵
-