Analysis
max time kernel: 149s
max time network: 148s
platform: ubuntu-24.04_amd64
resource: ubuntu2404-amd64-20240523-en
resource tags: arch:amd64, arch:i386, image:ubuntu2404-amd64-20240523-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
submitted: 23/08/2024, 08:15
Static task: static1
Behavioral task: behavioral1
Sample: 03b9cf4bd5ad8edc3cdab641113442c3
Resource: ubuntu2404-amd64-20240523-en
2 signatures
150 seconds
General
Target: 03b9cf4bd5ad8edc3cdab641113442c3
Size: 1.8MB
MD5: 03b9cf4bd5ad8edc3cdab641113442c3
SHA1: 4c3f9e39cbf9e296ce859b0a96cf17cbe14ff4ff
SHA256: b3ff5776a4a307717c29b45900192c451e27fbb0ac73fcdeb771d70dc7c5b272
SHA512: 6a22005d588d24bfcfe9a119fedf3cdce162573162e7d6beb0a4baf9c54d1015d3841f9abe78194c85eaadd5f940dec2ddf27058598d9fc88dbde031e2bb0da4
SSDEEP: 49152:bNihhOhBNhKhyu7cYx9z2rAnKsfRYaFyZB5Ss5+Nu:5ihhOhBNhKhRwwJ2rouaFyZB5Ss5+Nu
Score: 8/10
Malware Config
Signatures
Writes memory of remote process (3 IoCs)
pid   Process
2826  03b9cf4bd5ad8edc3cdab641113442c3
2852  Process not Found
2854  Process not Found
Loads a kernel module (64 IoCs)
Loads a Linux kernel module, potentially to achieve persistence