Resubmissions

29/12/2023, 17:05

231229-vlw9eaecgm 7

29/12/2023, 16:47

231229-valnjahfd7 1

General

  • Target

    2459d0ad7e2ece7c809af418bc28463513751ffd3211dcd61b747074458b9afd

  • Size

    83KB

  • Sample

    231229-vlw9eaecgm

  • MD5

    39f2fd5229e58c33b386ea297c4ff5f2

  • SHA1

    e524b2e4072391fd5224738d0fb948c667a7d5c1

  • SHA256

    2459d0ad7e2ece7c809af418bc28463513751ffd3211dcd61b747074458b9afd

  • SHA512

    0a5b41b8416cf3347a7e1b3db6adc091a45cdf0ba3aa516dbfa84012eeee66e5a0ef9bbb31166d7923da32d08cdac5171f3064718bcfcd2a95c190d5b862a3b1

  • SSDEEP

    1536:yYI0ARqw1qAEW67UIWi7M8gmfmJo0WgswnD6Efyq8PxlRkp2K3/J1V+uBNp:yYI0ARqw1qAEv7UIFM8oJorFquyjkRkr

Score
7/10

Malware Config

Targets

    Score
    7/10
    • Changes its process name

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
