Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bins.sh
-
Size
10KB
-
Sample
250104-tddlnaykfq
-
MD5
b3fcb287f632cd257fa4b518cf1fb640
-
SHA1
8e270fe99fa3e1c4f94ae51107c6dc894db60f89
-
SHA256
57545f08d7ee15313ab9b7fb5b5326b9e7ad54dc283697e518acc1704e0a402d
-
SHA512
3bb66a53654a351e107ea8ba788bd7d0de56878cf763604ab2dd564085a084c946a9ce3b0c2f3124c577a99733fb7d3bd20d42c49b1af6f9c8e6c5f356a84994
-
SSDEEP
192:WvFvRvP44Jq6BDHXbPAe31enDnD+mBjDnD+mgXvFvRvP445XbPAe3Be:W9JFqsD7FeJ8X9JJ0
Static task
static1
Behavioral task
behavioral1
Sample
bins.sh
Resource
ubuntu1804-amd64-20240508-en
Behavioral task
behavioral2
Sample
bins.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
bins.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
bins.sh
Resource
debian9-mipsel-20240611-en
Malware Config
Targets
-
-
Target
bins.sh
-
Size
10KB
-
MD5
b3fcb287f632cd257fa4b518cf1fb640
-
SHA1
8e270fe99fa3e1c4f94ae51107c6dc894db60f89
-
SHA256
57545f08d7ee15313ab9b7fb5b5326b9e7ad54dc283697e518acc1704e0a402d
-
SHA512
3bb66a53654a351e107ea8ba788bd7d0de56878cf763604ab2dd564085a084c946a9ce3b0c2f3124c577a99733fb7d3bd20d42c49b1af6f9c8e6c5f356a84994
-
SSDEEP
192:WvFvRvP44Jq6BDHXbPAe31enDnD+mBjDnD+mgXvFvRvP445XbPAe3Be:W9JFqsD7FeJ8X9JJ0
-
Xorbot family
-
Contacts a large (2186) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Renames itself
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1