General

  • Target

    aisuru.arm7

  • Size

    93KB

  • Sample

    240825-t1985stcjc

  • MD5

    d2d7ad31c3916de5e22ad2820b561b6b

  • SHA1

    383f8ef9d3e1b5cb99ad8b28d52ab2aa12908f90

  • SHA256

    0a5828cbda8dfaa85298a90de71a1b9d9c9002fe2dd876b5b62d76ed5cd2552b

  • SHA512

    5e4a3fa756364c1d84546d830fef648454ef4611a00797bf0934da5c90fc5b0c17ff3c71a20621281bbc854df677ea01773b6a0a44a017fd55e9b453646c7152

  • SSDEEP

    1536:kYntXt1r8IaMHD+YIMGJop9oc/Chan/fGoiuxUHfqllwEiTH1wO+uY7nO:B3zbHDRG+pmc/Chan/fGoiuKFHOO+uIO

Score
7/10

Malware Config

Targets

    Score
    7/10
    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks