General

  • Target

    258ec354201af0f0b6015ad02738fede58936cb84810222c4b0b7343a53ef921.elf

  • Size

    49KB

  • Sample

    240213-cldg7aaf44

  • MD5

    89d3cce7dbc9688305c0b2c5061c5a43

  • SHA1

    576ac3175d85ddb3fceb3fb76fdd89929088d3b3

  • SHA256

    258ec354201af0f0b6015ad02738fede58936cb84810222c4b0b7343a53ef921

  • SHA512

    1df216f351fe3cca53718019988af647c690d8c6e057aad9a7f4c0d16ba92ad8378031810a9cebd0c5a47503dded6cfada42a8b54c25b81a647cde54ddcada06

  • SSDEEP

    1536:Y6elVWRLShIvuIHuR86NofaE232Lb4mbAMwLUIgl:qjWBAAHuR86ofaE23bm/4UIgl

Score
10/10

Targets

    • Target

      258ec354201af0f0b6015ad02738fede58936cb84810222c4b0b7343a53ef921.elf

    Score
    7/10
    • Changes its process name

    • Deletes itself

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.
