Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
08/09/2022, 17:48
220908-wdj5jscchn 108/09/2022, 16:49
220908-vbprkscccn 108/09/2022, 16:46
220908-t9xz6sfag9 108/09/2022, 16:45
220908-t9wr4sccbq 808/09/2022, 06:26
220908-g7mefadhb7 808/09/2022, 06:00
220908-gqbavadgg6 8Analysis
-
max time kernel
23633s -
max time network
204s -
platform
linux_mips -
resource
debian9-mipsbe-en-20211208 -
resource tags
-
submitted
08/09/2022, 06:00
Errors
General
-
Target
9b4dfaca873961174ba935fddaf696145afe7bbf5734509f95feb54f3584fd9a.elf
-
Size
22KB
-
MD5
ecbe1b1e30a1f4bffaf1d374014c877f
-
SHA1
86906b140b019fdedaaba73948d0c8f96a6b1b42
-
SHA256
9b4dfaca873961174ba935fddaf696145afe7bbf5734509f95feb54f3584fd9a
-
SHA512
c32be39eb99eaad7a3e63ccf2c23819d16ff904cb482f49ada199439331676ba03ec5c5edc039243c90b27555c7d0912f3b0104742480ecaeed7f0ff4d3302bb
-
SSDEEP
384:aeFHMJnorHlag/2x4v0wJ7KStX/u7KLc/Cuc+r:WorHcgt/JKSh/xc/Curr
Malware Config
Signatures
-
Modifies hosts file 1 IoCs
Adds to hosts file used for mapping hosts to IP addresses.
-
Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.
-
Creates/modifies Cron job 1 TTPs 2 IoCs
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Creates/modifies environment variables 1 TTPs 4 IoCs
Creating/modifying environment variables is a common persistence mechanism.
-
Modifies Bash startup script 1 TTPs 3 IoCs
-
Modifies init.d 1 TTPs 10 IoCs
Adds/modifies system service, likely for persistence.
-
Modifies rc script 1 TTPs 17 IoCs
Adding/modifying system rc scripts is a common persistence mechanism.
Processes
-
/tmp/9b4dfaca873961174ba935fddaf696145afe7bbf5734509f95feb54f3584fd9a.elf/tmp/9b4dfaca873961174ba935fddaf696145afe7bbf5734509f95feb54f3584fd9a.elf1⤵