Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240221-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
  • submitted
    07/03/2024, 02:19

General

  • Target

    65ff40099d3a49d96d8cd4fa0d8859002e2bb2901890f5afcf74e155fd676689.elf

  • Size

    95KB

  • MD5

    817de5d809f87e187400a823a9dc42dc

  • SHA1

    8529a538d67ffb7a0a6c884acdb0474e25ca8910

  • SHA256

    65ff40099d3a49d96d8cd4fa0d8859002e2bb2901890f5afcf74e155fd676689

  • SHA512

    bfeb8365a6d3797e95c1aac90d62459e44aea2643a3dc227767d838aebbcf10d8c07239ee056deabfa411c3f534d729fbf4b7447cae7d38fb2b1dd8d5e112f57

  • SSDEEP

    1536:M/AcoC7du0MBS/tZcJUTJKpBBn9Sw3zJ2TOTt4fB6S3f16ewYf+Ws:6A3C7du3BGtZcJUTA7h9Sw3yOZSx3fnG

Score
9/10

Malware Config

Signatures

  • Contacts a large (163980) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Changes its process name 1 IoCs
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/65ff40099d3a49d96d8cd4fa0d8859002e2bb2901890f5afcf74e155fd676689.elf
    /tmp/65ff40099d3a49d96d8cd4fa0d8859002e2bb2901890f5afcf74e155fd676689.elf
    1⤵
    • Changes its process name
    PID:1472

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads