Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

330fb97b3b...c70d9e

linux_mipsel

10

Analysis

  • max time kernel
    16714s
  • max time network
    153s
  • platform
    linux_mipsel
  • resource
    debian9-mipsel-en-20211208
  • submitted
    20/06/2022, 03:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    330fb97b3bcb3db9272b8416c5f41cb9fa14b167b2e0523b0646b136a1c70d9e

  • Size

    70KB

  • MD5

    819d362840a1da8d8db9ccd3c028aeef

  • SHA1

    f368fc73f30bd2aef074f002873e822fbef45b6a

  • SHA256

    330fb97b3bcb3db9272b8416c5f41cb9fa14b167b2e0523b0646b136a1c70d9e

  • SHA512

    f50bc89438f2d43f53adac97c6d3dce5ee6252a770a5aa29f2d8dd7e7c081850320a26f3c5ebfb54e9b2d424b35764ad681e5668072f153704571a5b3ba756d8

Score
10/10
discoverysuricata

Malware Config

Signatures

  • suricata: ET MALWARE Dark Nexus IoT Variant User-Agent (Outbound)

    suricata: ET MALWARE Dark Nexus IoT Variant User-Agent (Outbound)

    suricata
  • Contacts a large (23995) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Unexpected DNS network traffic destination 20 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • ./330fb97b3bcb3db9272b8416c5f41cb9fa14b167b2e0523b0646b136a1c70d9e
    ./330fb97b3bcb3db9272b8416c5f41cb9fa14b167b2e0523b0646b136a1c70d9e
    1⤵
      PID:322

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads