Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

6553e70962...f7c15a

ubuntu-18.04-amd64

6

Analysis

  • max time kernel
    125s
  • max time network
    132s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    18/01/2024, 12:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6553e70962e9a1bc656627bc6df7c15a

  • Size

    10.7MB

  • MD5

    6553e70962e9a1bc656627bc6df7c15a

  • SHA1

    68dcacf91d84d9d637fe7246550e24355465cf17

  • SHA256

    6cb8da6b20d1ec5f2809819f1bd888bd2119d6c786d3361ebba38ce3cade6bd0

  • SHA512

    08f2e1c0fbe34aac25fad4374824a94858af2e0a0006eb9abdc0abbfc0aa120e62f58d498d54e2f87880cad02ea2f012216acfe5146ca06acb2806174321731c

  • SSDEEP

    196608:WCFJ1m1+iqjtJ9UE56rYdpZq8+ov3CkSlU6hoxJKD7cAvoXc9:WKJG+Dh5OYdrIKi/F

Score
6/10
antivmevasion

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

    antivm
  • Reads hardware information 1 TTPs 3 IoCs

    Accesses system info like serial numbers, manufacturer names etc.

  • Reads list of loaded kernel modules 1 TTPs 1 IoCs

    Reads the list of currently loaded kernel modules, possibly to detect virtual environments.

    evasion
  • Enumerates kernel/hardware configuration 1 TTPs 3 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 10 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/6553e70962e9a1bc656627bc6df7c15a
    /tmp/6553e70962e9a1bc656627bc6df7c15a
    1⤵
    • Reads hardware information
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    PID:1534
    • /usr/bin/getconf
      /usr/bin/getconf CLK_TCK
      2⤵
        PID:1538
      • /tmp/6553e70962e9a1bc656627bc6df7c15a
        /tmp/6553e70962e9a1bc656627bc6df7c15a
        2⤵
        • Reads hardware information
        • Enumerates kernel/hardware configuration
        • Reads runtime system information
        PID:1539
        • /usr/bin/getconf
          /usr/bin/getconf CLK_TCK
          3⤵
            PID:1546
          • /tmp/6553e70962e9a1bc656627bc6df7c15a
            /tmp/6553e70962e9a1bc656627bc6df7c15a
            3⤵
            • Reads hardware information
            • Enumerates kernel/hardware configuration
            • Reads runtime system information
            PID:1547
            • /usr/bin/getconf
              /usr/bin/getconf CLK_TCK
              4⤵
                PID:1551

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads