General

  • Target

    f3ef5a1fdee5d0c111a5c50413dd5e32f6361ed59ce2b2254c87155555072bfe.elf

  • Size

    158KB

  • Sample

    240712-yg5a1azdqa

  • MD5

    21abe1976518572dc808020864051928

  • SHA1

    c0bbb04dad21806444e87fe3ad0d0be786b2332f

  • SHA256

    f3ef5a1fdee5d0c111a5c50413dd5e32f6361ed59ce2b2254c87155555072bfe

  • SHA512

    c6804453f40098188a719aca73d4e3b09bbd98932c446e23f090e21643a020a4299a355334edce0e4650e3ac8dd63af84d35977c05a0fe552581e74b516227a2

  • SSDEEP

    3072:Ko3592LVKmES3vw7ZJsgrUYwWNcYIyi5Rtd4ffOB/XEFj2ilFb1lbWjlr:r2LomESuZJsgrUO0dEOB/XEFj2oFb1lw

Score
9/10

Targets

    • Contacts a large (225055) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
