Resubmissions
07/12/2024, 03:49  241207-edgkzszrdj  10
04/12/2024, 22:38  241204-2kv4aa1jgn  10
04/12/2024, 20:49  241204-zl1ztawnfk  10
04/12/2024, 20:48  241204-zlmgeszrbt  10
04/12/2024, 19:23  241204-x3662sspbq  10
04/12/2024, 19:14  241204-xxpd2sslem  10
19/07/2024, 04:07  240719-epssdsvgkf  10
17/07/2024, 17:11  240717-vqak7szhjl  10
Analysis
max time kernel: 0s
max time network: 0s
platform: ubuntu-22.04_amd64
resource: ubuntu2204-amd64-20240729-en
resource tags: arch:amd64, arch:i386, image:ubuntu2204-amd64-20240729-en, kernel:5.15.0-105-generic, locale:en-us, os:ubuntu-22.04-amd64, system
submitted: 04/12/2024, 22:38
Behavioral task behavioral1: Sample RIP_YOUR_PC_LOL.exe, Resource debian12-armhf-20240221-en
Behavioral task behavioral2: Sample RIP_YOUR_PC_LOL.exe, Resource debian12-mipsel-20240221-en
Behavioral task behavioral3: Sample RIP_YOUR_PC_LOL.exe, Resource debian9-armhf-20240611-en
Behavioral task behavioral4: Sample RIP_YOUR_PC_LOL.exe, Resource debian9-mipsbe-20240729-en
Behavioral task behavioral5: Sample RIP_YOUR_PC_LOL.exe, Resource debian9-mipsel-20240226-en
Behavioral task behavioral6: Sample RIP_YOUR_PC_LOL.exe, Resource ubuntu2204-amd64-20240729-en
Behavioral task behavioral7: Sample RIP_YOUR_PC_LOL.exe, Resource ubuntu2404-amd64-20240523-en
General
Target: RIP_YOUR_PC_LOL.exe
Size: 22.5MB
MD5: 52867174362410d63215d78e708103ea
SHA1: 7ae4e1048e4463a4201bdeaf224c5b6face681bf
SHA256: 37d8e1ce3b6e6488942717aa78cb54785edc985143bcc8d9ba9f42d73a3dbd7a
SHA512: 89e17e147d3f073e479e85d0b0321f6264bbc2aa84c930ed645e8f5cde3f1e58812c3db1ba0f10bee6ce7ac0731e1e3de6747a9b3c4d63a564dd8d904bd726ab
SSDEEP: 393216:HJLgf7BPkdKzrZciLxv8naSNtPr5rn57M84UTB9xO5/VWvJKJPkwdnfZ4y5SDkFV:poBPQwxMR7pn5qUTB9xOFVWvJKJPkwd9
Malware Config
Signatures
description              ioc                Process
File opened for reading  /proc/self/fd      apt
File opened for reading  /proc/filesystems  dpkg
File opened for reading  /proc/filesystems  dpkg
System Network Configuration Discovery (1 TTPs, 1 IoCs)
Adversaries may gather information about the network configuration of a system.
pid   Process
1569  apt
Processes
/usr/bin/apt
  apt install "wine;" wine /tmp/RIP_YOUR_PC_LOL.exe
  - Reads runtime system information
  - System Network Configuration Discovery
  PID: 1569
    /usr/bin/dpkg
      /usr/bin/dpkg --print-foreign-architectures
      - Reads runtime system information
      PID: 1570
    /usr/bin/dpkg
      /usr/bin/dpkg --print-foreign-architectures
      - Reads runtime system information
      PID: 1574