Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
6Static
static
1test.zip
windows7-x64
1test.zip
windows10-2004-x64
1test/bin/ipcs
ubuntu-20.04-amd64
1test/bin/iplink
ubuntu-20.04-amd64
1test/bin/ipneigh
ubuntu-20.04-amd64
4test/bin/iproute
ubuntu-20.04-amd64
1test/bin/iprule
ubuntu-20.04-amd64
1test/bin/iptunnel
ubuntu-20.04-amd64
4test/bin/kbd_mode
ubuntu-20.04-amd64
1test/bin/kill
ubuntu-20.04-amd64
1test/bin/killall
ubuntu-20.04-amd64
1test/bin/killall5
ubuntu-20.04-amd64
6test/bin/klogd
ubuntu-20.04-amd64
1test/bin/last
ubuntu-20.04-amd64
1test/bin/less
ubuntu-20.04-amd64
1test/bin/link
ubuntu-20.04-amd64
1test/bin/linux32
ubuntu-20.04-amd64
1test/bin/linux64
ubuntu-20.04-amd64
1test/bin/linuxrc
ubuntu-20.04-amd64
3test/bin/ln
ubuntu-20.04-amd64
1test/bin/loadfont
ubuntu-20.04-amd64
1test/bin/loadkmap
ubuntu-20.04-amd64
1test/bin/logger
ubuntu-20.04-amd64
1test/bin/login
ubuntu-20.04-amd64
1test/bin/logname
ubuntu-18.04-amd64
1test/bin/logread
ubuntu-20.04-amd64
1test/bin/losetup
ubuntu-20.04-amd64
1test/bin/lpd
ubuntu-20.04-amd64
1test/bin/lpq
ubuntu-20.04-amd64
1test/bin/lpr
ubuntu-20.04-amd64
1test/bin/ls
ubuntu-20.04-amd64
1test/bin/lsattr
ubuntu-18.04-amd64
1Resubmissions
21/02/2024, 21:33
240221-1ebl1sff21 121/02/2024, 21:21
240221-z7ptnsfd7t 321/02/2024, 21:11
240221-z1lhnsfh42 621/02/2024, 20:59
240221-zs7qyafc41 621/02/2024, 20:49
240221-zl1n2sfb6y 321/02/2024, 20:37
240221-zefqasfe76 621/02/2024, 20:24
240221-y65m3aeh3v 621/02/2024, 20:10
240221-yxsl5sfc47 621/02/2024, 19:59
240221-yqk9gsef4y 621/02/2024, 19:43
240221-ye7ncaeh25 6Analysis
-
max time kernel
8s -
max time network
53s -
platform
ubuntu-20.04_amd64 -
resource
ubuntu2004-amd64-20240221-en -
resource tags
arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system -
submitted
21/02/2024, 19:43
Static task
static1
Behavioral task
behavioral1
Sample
test.zip
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
test.zip
Resource
win10v2004-20240221-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
test/bin/ipcs
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral4
Sample
test/bin/iplink
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral5
Sample
test/bin/ipneigh
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral6
Sample
test/bin/iproute
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral7
Sample
test/bin/iprule
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral8
Sample
test/bin/iptunnel
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral9
Sample
test/bin/kbd_mode
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral10
Sample
test/bin/kill
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral11
Sample
test/bin/killall
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral12
Sample
test/bin/killall5
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral13
Sample
test/bin/klogd
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral14
Sample
test/bin/last
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral15
Sample
test/bin/less
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral16
Sample
test/bin/link
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral17
Sample
test/bin/linux32
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral18
Sample
test/bin/linux64
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral19
Sample
test/bin/linuxrc
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral20
Sample
test/bin/ln
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral21
Sample
test/bin/loadfont
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral22
Sample
test/bin/loadkmap
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral23
Sample
test/bin/logger
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral24
Sample
test/bin/login
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral25
Sample
test/bin/logname
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral26
Sample
test/bin/logread
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral27
Sample
test/bin/losetup
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral28
Sample
test/bin/lpd
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral29
Sample
test/bin/lpq
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral30
Sample
test/bin/lpr
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral31
Sample
test/bin/ls
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral32
Sample
test/bin/lsattr
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
General
-
Target
test/bin/killall5
-
Size
1.1MB
-
MD5
991461b86aebecfd096dc11ff2a04b4b
-
SHA1
dc5074340d4631bbf89adc122e8f1a3ca8d87564
-
SHA256
dcd9a5af1c6297ed1a66c851efa305000335d8ade068ba515125a6612f1d5300
-
SHA512
8692fb03afbb9601444911167f579c23dfece59d04816b18591f7eb712572f63ce7b12e42dcc02f0e67110208f31f44501708f4b8d0fd8f20be6f1ea3bc0f3a5
-
SSDEEP
24576:qpLODejvoXyo2dIfScaxJZ7+0T8eaj+I++lZq49k77i:kLODe0XgdI83ak4/9k7u
Malware Config
Signatures
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.
description ioc Process File opened for reading /proc/455/stat killall5 File opened for reading /proc/581/stat killall5 File opened for reading /proc/3/stat killall5 File opened for reading /proc/10/stat killall5 File opened for reading /proc/19/stat killall5 File opened for reading /proc/102/stat killall5 File opened for reading /proc/173/stat killall5 File opened for reading /proc/403/stat killall5 File opened for reading /proc/782/stat killall5 File opened for reading /proc/989/stat killall5 File opened for reading /proc/1143/stat killall5 File opened for reading /proc/1184/stat killall5 File opened for reading /proc/84/stat killall5 File opened for reading /proc/787/stat killall5 File opened for reading /proc/906/stat killall5 File opened for reading /proc/12/stat killall5 File opened for reading /proc/158/stat killall5 File opened for reading /proc/176/stat killall5 File opened for reading /proc/469/stat killall5 File opened for reading /proc/804/stat killall5 File opened for reading /proc/1050/stat killall5 File opened for reading /proc/1305/stat killall5 File opened for reading /proc/159/stat killall5 File opened for reading /proc/175/stat killall5 File opened for reading /proc/487/stat killall5 File opened for reading /proc/812/stat killall5 File opened for reading /proc/973/stat killall5 File opened for reading /proc/1118/stat killall5 File opened for reading /proc/22/stat killall5 File opened for reading /proc/200/stat killall5 File opened for reading /proc/312/stat killall5 File opened for reading /proc/1387/stat killall5 File opened for reading /proc/16/stat killall5 File opened for reading /proc/20/stat killall5 File opened for reading /proc/566/stat killall5 File opened for reading /proc/1038/stat killall5 File opened for reading /proc/5/stat killall5 File opened for reading /proc/17/stat killall5 File opened for reading /proc/806/stat killall5 File opened for reading /proc/962/stat killall5 File opened for reading /proc/18/stat killall5 File opened for reading /proc/24/stat killall5 File opened for reading /proc/167/stat killall5 File opened for reading /proc/443/stat killall5 File opened for reading /proc/693/stat killall5 File opened for reading /proc/910/stat killall5 File opened for reading /proc/8/stat killall5 File opened for reading /proc/166/stat killall5 File opened for reading /proc/765/stat killall5 File opened for reading /proc/977/stat killall5 File opened for reading /proc/1060/stat killall5 File opened for reading /proc/6/stat killall5 File opened for reading /proc/13/stat killall5 File opened for reading /proc/76/stat killall5 File opened for reading /proc/177/stat killall5 File opened for reading /proc/442/stat killall5 File opened for reading /proc/1042/stat killall5 File opened for reading /proc/1/stat killall5 File opened for reading /proc/4/stat killall5 File opened for reading /proc/79/stat killall5 File opened for reading /proc/163/stat killall5 File opened for reading /proc/519/stat killall5 File opened for reading /proc/799/stat killall5 File opened for reading /proc/1419/stat killall5