General

  • Target

    78e31c6e830ed62a38c210114ef5d3be2c13965e04affda1cc8c73d8646670d1.elf

  • Size

    5.6MB

  • Sample

    241012-phmynsvaqj

  • MD5

    e7832e0074f1afe1362f1e8d5d55bec3

  • SHA1

    6b3720bd59c8729210153b9e5360f5e7f9be73b0

  • SHA256

    78e31c6e830ed62a38c210114ef5d3be2c13965e04affda1cc8c73d8646670d1

  • SHA512

    0aa8179617ad0ac5528517bd04ecc9f43c828ffe9389e9d081d2f6b50c2b5bd9ae35c50211f20a7aed475dd678a741f0e825db7477705dc2266a4daa131b82ee

  • SSDEEP

    98304:yC91hAFxvW6WGVqq7g3JDCg76dAuE8iW5ay5mIOX+aaNcc8pNkxXkz8xBs3K4HUe:yC91hAFxvW6WGVqq7g3JDCg76dAuE8i5

Targets

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies init.d

      Adds/modifies system services, likely for persistence.

    • Modifies systemd

      Adds/modifies systemd service files, likely to achieve persistence.
