General

  • Target

    linux.sh

  • Size

    368B

  • Sample

    240714-sb38vsvfmj

  • MD5

    5b3772dd8e532cb3f6ea8305ef533772

  • SHA1

    d244914fe5f4346ad70ae1cfcb0d127ef9d8ba61

  • SHA256

    f48afa0d3b55c9f1c223c8a1aa9a14d5b7b085c9cf8fb009eba7f5969b065ab2

  • SHA512

    478536e3c3dd6e9293c6332f6712583d8a6f9053abdc845933172dd0b9c8130e359022b85e87c9a286be55042a9b07a32af2b2712ea4b844f4dfbff05e4936ea

Score
7/10

Targets

    • Target

      linux.sh

    • Executes dropped EXE

    • Checks mountinfo of local process

      Checks mountinfo of running processes, which indicates whether it is running in a chroot jail.

    • Deletes log files

      Deletes log files on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Write file to user bin folder
