Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
6Static
static
1test.zip
windows7-x64
1test.zip
windows10-2004-x64
1test/bin/telnetd
ubuntu-20.04-amd64
1test/bin/test
ubuntu-20.04-amd64
1test/bin/tftp
ubuntu-18.04-amd64
1test/bin/tftpd
ubuntu-20.04-amd64
1test/bin/time
ubuntu-20.04-amd64
1test/bin/timeout
ubuntu-20.04-amd64
1test/bin/top
ubuntu-20.04-amd64
6test/bin/touch
ubuntu-20.04-amd64
1test/bin/tr
ubuntu-20.04-amd64
1test/bin/traceroute
ubuntu-20.04-amd64
1test/bin/traceroute6
ubuntu-18.04-amd64
1test/bin/true
ubuntu-20.04-amd64
1test/bin/truncate
ubuntu-20.04-amd64
1test/bin/ts
ubuntu-20.04-amd64
1test/bin/tty
ubuntu-20.04-amd64
1test/bin/ttysize
ubuntu-20.04-amd64
1test/bin/tunctl
ubuntu-20.04-amd64
1test/bin/ubiattach
ubuntu-18.04-amd64
1test/bin/ubidetach
ubuntu-20.04-amd64
1test/bin/ubimkvol
ubuntu-20.04-amd64
1test/bin/ubirename
ubuntu-20.04-amd64
1test/bin/ubirmvol
ubuntu-20.04-amd64
1test/bin/ubirsvol
ubuntu-20.04-amd64
1test/bin/ubiupdatevol
ubuntu-18.04-amd64
1test/bin/udhcpc
ubuntu-20.04-amd64
1test/bin/udhcpc6
ubuntu-20.04-amd64
1test/bin/udhcpd
ubuntu-20.04-amd64
1test/bin/udpsvd
ubuntu-18.04-amd64
1test/bin/uevent
ubuntu-20.04-amd64
1test/bin/umount
ubuntu-20.04-amd64
3Resubmissions
21/02/2024, 21:33
240221-1ebl1sff21 121/02/2024, 21:21
240221-z7ptnsfd7t 321/02/2024, 21:11
240221-z1lhnsfh42 621/02/2024, 20:59
240221-zs7qyafc41 621/02/2024, 20:49
240221-zl1n2sfb6y 321/02/2024, 20:37
240221-zefqasfe76 621/02/2024, 20:24
240221-y65m3aeh3v 621/02/2024, 20:10
240221-yxsl5sfc47 621/02/2024, 19:59
240221-yqk9gsef4y 621/02/2024, 19:43
240221-ye7ncaeh25 6Analysis
-
max time kernel
152s -
max time network
134s -
platform
ubuntu-20.04_amd64 -
resource
ubuntu2004-amd64-20240221-en -
resource tags
arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system -
submitted
21/02/2024, 21:11
Static task
static1
Behavioral task
behavioral1
Sample
test.zip
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
test.zip
Resource
win10v2004-20240221-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
test/bin/telnetd
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral4
Sample
test/bin/test
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral5
Sample
test/bin/tftp
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral6
Sample
test/bin/tftpd
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral7
Sample
test/bin/time
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral8
Sample
test/bin/timeout
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral9
Sample
test/bin/top
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral10
Sample
test/bin/touch
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral11
Sample
test/bin/tr
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral12
Sample
test/bin/traceroute
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral13
Sample
test/bin/traceroute6
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral14
Sample
test/bin/true
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral15
Sample
test/bin/truncate
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral16
Sample
test/bin/ts
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral17
Sample
test/bin/tty
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral18
Sample
test/bin/ttysize
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral19
Sample
test/bin/tunctl
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral20
Sample
test/bin/ubiattach
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral21
Sample
test/bin/ubidetach
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral22
Sample
test/bin/ubimkvol
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral23
Sample
test/bin/ubirename
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral24
Sample
test/bin/ubirmvol
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral25
Sample
test/bin/ubirsvol
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral26
Sample
test/bin/ubiupdatevol
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral27
Sample
test/bin/udhcpc
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral28
Sample
test/bin/udhcpc6
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral29
Sample
test/bin/udhcpd
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral30
Sample
test/bin/udpsvd
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral31
Sample
test/bin/uevent
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral32
Sample
test/bin/umount
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
General
-
Target
test/bin/top
-
Size
1.1MB
-
MD5
991461b86aebecfd096dc11ff2a04b4b
-
SHA1
dc5074340d4631bbf89adc122e8f1a3ca8d87564
-
SHA256
dcd9a5af1c6297ed1a66c851efa305000335d8ade068ba515125a6612f1d5300
-
SHA512
8692fb03afbb9601444911167f579c23dfece59d04816b18591f7eb712572f63ce7b12e42dcc02f0e67110208f31f44501708f4b8d0fd8f20be6f1ea3bc0f3a5
-
SSDEEP
24576:qpLODejvoXyo2dIfScaxJZ7+0T8eaj+I++lZq49k77i:kLODe0XgdI83ak4/9k7u
Malware Config
Signatures
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.
description ioc Process File opened for reading /proc/75/stat top File opened for reading /proc/1077/cmdline top File opened for reading /proc/242/stat top File opened for reading /proc/497/stat top File opened for reading /proc/591/stat top File opened for reading /proc/1099/cmdline top File opened for reading /proc/8/stat top File opened for reading /proc/18/stat top File opened for reading /proc/498/stat top File opened for reading /proc/983/stat top File opened for reading /proc/1037/stat top File opened for reading /proc/1456/stat top File opened for reading /proc/92/stat top File opened for reading /proc/683/cmdline top File opened for reading /proc/1448/stat top File opened for reading /proc/2/stat top File opened for reading /proc/84/stat top File opened for reading /proc/89/stat top File opened for reading /proc/270/stat top File opened for reading /proc/803/stat top File opened for reading /proc/836/cmdline top File opened for reading /proc/1447/stat top File opened for reading /proc/174/stat top File opened for reading /proc/817/stat top File opened for reading /proc/1299/stat top File opened for reading /proc/17/stat top File opened for reading /proc/90/stat top File opened for reading /proc/130/stat top File opened for reading /proc/640/stat top File opened for reading /proc/1089/stat top File opened for reading /proc/1308/stat top File opened for reading /proc/1450/stat top File opened for reading /proc/1/stat top File opened for reading /proc/23/stat top File opened for reading /proc/24/stat top File opened for reading /proc/552/stat top File opened for reading /proc/1435/stat top File opened for reading /proc/1451/stat top File opened for reading /proc/444/cmdline top File opened for reading /proc/683/stat top File opened for reading /proc/1108/stat top File opened for reading /proc/1137/stat top File opened for reading /proc/170/stat top File opened for reading /proc/9/stat top File opened for reading /proc/166/stat top File opened for reading /proc/1006/stat top File opened for reading /proc/1129/stat top File opened for reading /proc/922/cmdline top File opened for reading /proc/19/stat top File opened for reading /proc/503/stat top File opened for reading /proc/629/stat top File opened for reading /proc/1086/stat top File opened for reading /proc/1097/stat top File opened for reading /proc/1434/stat top File opened for reading /proc/91/stat top File opened for reading /proc/1099/stat top File opened for reading /proc/161/stat top File opened for reading /proc/175/stat top File opened for reading /proc/697/stat top File opened for reading /proc/983/cmdline top File opened for reading /proc/1436/cmdline top File opened for reading /proc/4/stat top File opened for reading /proc/16/stat top File opened for reading /proc/76/stat top