Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
0s -
max time network
132s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20240226-en -
resource tags
-
submitted
10/04/2024, 07:39
General
-
Target
7efea614cd6eaf338da6d788029fff8b7a62e17ca8dcf58c5932db045c358dc6
-
Size
6.5MB
-
MD5
921915ecfe17593476648ad20cd61ecd
-
SHA1
d29fd5365843f85397f8d89b8d591caeecd32187
-
SHA256
7efea614cd6eaf338da6d788029fff8b7a62e17ca8dcf58c5932db045c358dc6
-
SHA512
798c5bb0f88827d453eec6c2f25d1257887e0fb861137caed5135277b828b6fcc42cce64b2079905c324c76d32d6e88f0fbaa235e0c553d6846e725382fa73b6
-
SSDEEP
98304:dDilGomA8pmFNUqJAM8omTeTf2d1a03i3uXYp1kKtv:hWErpTeTOd1ly3uXYp1ptv
Malware Config
Signatures
-
Enumerates kernel/hardware configuration 1 TTPs 1 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.
-
Writes file to shm directory 1 IoCs
Malware can drop malicious files in the shm directory which will run directly from RAM.
Processes
-
/tmp/7efea614cd6eaf338da6d788029fff8b7a62e17ca8dcf58c5932db045c358dc6/tmp/7efea614cd6eaf338da6d788029fff8b7a62e17ca8dcf58c5932db045c358dc61⤵
- Enumerates kernel/hardware configuration
-
/bin/bashbash -c "echo '@reboot ../.local/share/updates' >> /dev/shm/mycron"2⤵
- Writes file to shm directory
-
-
/usr/bin/crontabcrontab -u /dev/shm/mycron2⤵
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
32B
MD5c83ef1acb4da94b9801a8e3d6fa02912
SHA1bde69689c815a9a1be40874284da270752edd5e6
SHA256c71134139edd6d98813fe83e8227369b85aa87cfc4bbd9da5aa3c434b6c2d5e2
SHA5125065399199afce5550322402cb31d92fbdcb9ff9beb63d3519f61805f1ad967100df0294fcf729904ac1143157c710873cfefdda9485dbd5af4991fe65d48d88