General

  • Target

    7546b0b643c6138637aa072bbda61d6d

  • Size

    204KB

  • Sample

    240125-xq2e2adcg5

  • MD5

    7546b0b643c6138637aa072bbda61d6d

  • SHA1

    98eea3fa6d56d5457049479980ca53affa7db72a

  • SHA256

    379fb36f6e1f8c1161528d11a1e5b79e09b9d202a692b674f3b2ffe8df320ba3

  • SHA512

    3b7055f369ccb220a224687fa07e80edef2786f3089129885ef1985b07b2583cc01e5bbddf9b10d732dd552447839d9fdedcb6e60049a7f55ed7ea10fe323a0b

  • SSDEEP

    3072:/TNVO/QJHZcfFj4rwLQGTNO5VZLwHm7vuQTpZUyY6co:7O/QJHZweEL/NOjCHm7FZZnc

Score
8/10
upx

Targets

    Score
    7/10
    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Writes file to system bin folder
