General

  • Target

    12ffe402a6d5b35160009cfd140ceed6.bin

  • Size

    1.9MB

  • Sample

    240319-bhjz5adc52

  • MD5

    49824015f8ef5075a4104c5255fe810c

  • SHA1

    d7086e4d21f326dba6dd42b0b9e8febb4550904b

  • SHA256

    1b26446a1b9dd089fe42f0e9dbee7edcb98f9743981ab95ed86097a3cff5d00b

  • SHA512

    341a2071f08b6f37afc854f0d430814f60077cc3115aa6633544a743e50b62186518a72259d3b4db85bdb8b6c2d4ca9c1f86114e934b77ebdd60f481373d41ee

  • SSDEEP

    49152:tnexRv1pfWDTykC/D8+NmLFHZM56TVCt7NyaBnjz:Nuv19wTyFtn6TVCtLjz

Targets

    • Target

      a40f89f498d651c969f038327cfac9eac4254eed47ff819e3e5d954c896856be.elf

    • Size

      2.0MB

    • MD5

      12ffe402a6d5b35160009cfd140ceed6

    • SHA1

      7f21f863f00c9bff182c3044ea225574b02107cf

    • SHA256

      a40f89f498d651c969f038327cfac9eac4254eed47ff819e3e5d954c896856be

    • SHA512

      d72e41dd3b346280e3f7a6fdef0031e1203239e9e7bda96cd077c58be36dd270923708adf26090f09ad5d8db1df6b9ceed14336c1284d196ae297b096379b9b8

    • SSDEEP

      49152:Tvdem3S7FxEqg0Y4NIY4cxFrUqIR296CbO:lS5xEqgCGYxxFHe29c

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks CPU configuration

      Checks CPU information which indicates whether the system is a virtual machine.

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicates whether the system is a virtual machine.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads CPU attributes

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.
