Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

bins.sh

ubuntu-18.04-amd64

3

bins.sh

debian-9-armhf

4

bins.sh

debian-9-mips

10

bins.sh

debian-9-mipsel

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    250105-vajh6ssjfk

  • MD5

    e4f7c4a0fc9b3693b98dd8a72fd33c6c

  • SHA1

    02b5a992865ee73db4aa7f47d76847017ed9bef8

  • SHA256

    c063bdd7c8bb3a71082fd8295be7980b06d75b9fea1efbd02684a2a4dff87397

  • SHA512

    033e72887a61c5b6f214acdd88d420cabe9b673b8f239ac5093c17d861c313167840c19e65b07bdb6b69b9a25e1cc58d577e76d6dc4e4f3d2df38ec298ff473d

  • SSDEEP

    96:Yj/p8AKhThvhQDDcwLk/kTkvm+qLfrnf/fyJptLCalhvhDhm3v6qi3EIuMZ7XeU1:w1zr3yJptWTc8QbWGvSr3yJpX8QbWGd

Score
10/10
xorbotantivmbotnetdefense_evasiondiscoverylinuxtrojan

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      e4f7c4a0fc9b3693b98dd8a72fd33c6c

    • SHA1

      02b5a992865ee73db4aa7f47d76847017ed9bef8

    • SHA256

      c063bdd7c8bb3a71082fd8295be7980b06d75b9fea1efbd02684a2a4dff87397

    • SHA512

      033e72887a61c5b6f214acdd88d420cabe9b673b8f239ac5093c17d861c313167840c19e65b07bdb6b69b9a25e1cc58d577e76d6dc4e4f3d2df38ec298ff473d

    • SSDEEP

      96:Yj/p8AKhThvhQDDcwLk/kTkvm+qLfrnf/fyJptLCalhvhDhm3v6qi3EIuMZ7XeU1:w1zr3yJptWTc8QbWGvSr3yJpX8QbWGd

    Score
    10/10
    discoveryantivmxorbotbotnettrojandefense_evasion

    • Detects Xorbot

      botnettrojan

    • Xorbot

      Xorbot is a linux botnet and trojan targeting IoT devices.

      botnettrojanxorbot

    • Xorbot family

      xorbot

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks