General

  • Target

    adfd82682720153deaf4016646e10ff4_JaffaCakes118

  • Size

    28KB

  • Sample

    240615-mg3lmaxbra

  • MD5

    adfd82682720153deaf4016646e10ff4

  • SHA1

    ca692f655cb6bc8cbdc7ac816b4554d851beaeaf

  • SHA256

    91ee347a4a272d947faba623570bc9c23963d0d2eed0011cd62af856b9800f22

  • SHA512

    2411c51fa4e7af9d5a4ed6ef3121da1885f0f23239eacd59102e55c1974c12cc3f7b6748af30aa79ec686e972614000da626708045e42ef784f3a9a17336d3c6

  • SSDEEP

    384:p7pQQwQHDf6jlpTWg3vMGQiKMvU/4Qdre21jT58vKpG2Y0orcfKLUv0KZnNEVdeq:p7JVFNcD8FLcIwgiYq0xFBt65

Malware Config

Targets

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • Deletes system logs

      Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.

    • Flushes firewall rules

      Flushes/disables firewall rules inside the Linux kernel.

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence.

    • Attempts to change immutable files

      Modifies inode attributes on the filesystem to allow changing of immutable files.

    • Disables AppArmor

      Disables AppArmor security module.

    • Disables SELinux

      Disables SELinux security module.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks
