General
-
Target
2c602147c727621c5e98525466b8ea78832abe2c3de10f0b33ce9a4adea205eb.sh
-
Size
1KB
-
Sample
240616-bffjxswglr
-
MD5
d193b38e3a66cd7c8f955635d3bc1996
-
SHA1
6889c638313f9f58e8f86fd1b7849500de26372d
-
SHA256
2c602147c727621c5e98525466b8ea78832abe2c3de10f0b33ce9a4adea205eb
-
SHA512
cdf8abc89a92246dd95f13fb92b8c88a275f241ab94c1ed02dc93967c378c1bce35c2e16ffada7ca5b5c6890efaf79ae7d4cb5ae79f8aa1e270d478ff7606d73
Static task
static1
Behavioral task
behavioral1
Sample
2c602147c727621c5e98525466b8ea78832abe2c3de10f0b33ce9a4adea205eb.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
2c602147c727621c5e98525466b8ea78832abe2c3de10f0b33ce9a4adea205eb.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
2c602147c727621c5e98525466b8ea78832abe2c3de10f0b33ce9a4adea205eb.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
2c602147c727621c5e98525466b8ea78832abe2c3de10f0b33ce9a4adea205eb.sh
Resource
debian9-mipsel-20240418-en
Malware Config
Targets
-
-
Target
2c602147c727621c5e98525466b8ea78832abe2c3de10f0b33ce9a4adea205eb.sh
-
Contacts a large (1024776) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
XMRig Miner payload
-
Executes dropped EXE
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks hardware identifiers (DMI)
Checks DMI information, which indicates whether the system is a virtual machine.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Reads hardware information
Accesses system information such as serial numbers and manufacturer names.
-
Reads network interface configuration
Fetches information about one or more active network interfaces.
-