Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

d00a1ff14b...484b61

debian-9-mipsel

8

Analysis

  • max time kernel
    20291s
  • max time network
    152s
  • platform
    linux_mipsel
  • resource
    debian9-mipsel-en-20211208
  • resource tags

    arch:mipselimage:debian9-mipsel-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    31/07/2022, 10:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d00a1ff14bae4c15c4a72ae71ddf7f08fe4f2482a08fa6c4c4357e60d4484b61

  • Size

    240KB

  • MD5

    1a25b1011c3c5f0accfa28e51350d924

  • SHA1

    40eafe92b002c9d191c2fc3f1d4155faeec828b2

  • SHA256

    d00a1ff14bae4c15c4a72ae71ddf7f08fe4f2482a08fa6c4c4357e60d4484b61

  • SHA512

    d51a87ad3376eea7274b6497af4120f4d369566c65cfc460a5e60a74e21caef69bdaf3ab5dd5066e03bf5793f7b60556cbc8ffc85bdc79f9b58faa1f96caa792

Score
8/10
persistence

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

    persistence
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/d00a1ff14bae4c15c4a72ae71ddf7f08fe4f2482a08fa6c4c4357e60d4484b61
    /tmp/d00a1ff14bae4c15c4a72ae71ddf7f08fe4f2482a08fa6c4c4357e60d4484b61
    1⤵
    • Modifies rc script
    PID:325

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads