Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    ec8201f3323c5996a021e2abd0310dccd5ce90059cb6ee4c4af2b56bd326e731.elf

  • Size

    98KB

  • Sample

    240219-g6vdnaaf2y

  • MD5

    e5409ee931e29ffc035bf8802a141084

  • SHA1

    ce5d9cbe2ce5c217d55472240afb05a21d6ea69e

  • SHA256

    ec8201f3323c5996a021e2abd0310dccd5ce90059cb6ee4c4af2b56bd326e731

  • SHA512

    6793c7247613d08903105dcb41e33e9785f0c78c186217383b87814d6465b94add98113442b4b56c8f0f00d10d514420b9f9a3e2424d7d2eb77a87f44bdc79f4

  • SSDEEP

    1536:nR8r9obMb1xSK0AqVNvBOUUiMx7CBSkHC3eANKlDZQYr8N4eAe7ZiA:nRG9obMb1xb0AqVi3eLDhje7V

Score
7/10

Malware Config

Targets

    • Target

      ec8201f3323c5996a021e2abd0310dccd5ce90059cb6ee4c4af2b56bd326e731.elf

    • Size

      98KB

    • MD5

      e5409ee931e29ffc035bf8802a141084

    • SHA1

      ce5d9cbe2ce5c217d55472240afb05a21d6ea69e

    • SHA256

      ec8201f3323c5996a021e2abd0310dccd5ce90059cb6ee4c4af2b56bd326e731

    • SHA512

      6793c7247613d08903105dcb41e33e9785f0c78c186217383b87814d6465b94add98113442b4b56c8f0f00d10d514420b9f9a3e2424d7d2eb77a87f44bdc79f4

    • SSDEEP

      1536:nR8r9obMb1xSK0AqVNvBOUUiMx7CBSkHC3eANKlDZQYr8N4eAe7ZiA:nRG9obMb1xb0AqVi3eLDhje7V

    Score
    7/10
    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Creates/modifies environment variables

      Creating/modifying environment variables is a common persistence mechanism.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Modifies systemd

      Adds/ modifies systemd service files. Likely to achieve persistence.

    • Modifies Bash startup script

MITRE ATT&CK Enterprise v15

Tasks