Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    24933s
  • max time network
    152s
  • platform
    linux_mipsel
  • resource
    debian9-mipsel-en-20211208
  • resource tags

    arch:mipselimage:debian9-mipsel-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    23/09/2022, 07:10

General

  • Target

    ak.mpsl-20220923-0709.elf

  • Size

    37KB

  • MD5

    fdba94434e54cb58b2de87567630f1b8

  • SHA1

    600519dd3841e247269bbe096b80a02cf2c26209

  • SHA256

    2ce5bb314aea583de629b0cfc3e0b8b29df6790f7b819f8fc4ef9019f38e51b0

  • SHA512

    fb08df4703414b71832dda77b30e254b800d68a1deb93c32ad68b7d6eb29683c7d90ce7f71722280c6ca70e40c15287c9fe18e5ac70a734c24914286524fcefd

  • SSDEEP

    768:Xk9Hnr7+LtW0x9IYBXrf0cN4rWewXdbLQw+y+nBa02uWoA:01nrOt5xr4rWeSdfQXymBaL

Score
9/10

Malware Config

Signatures

  • Contacts a large (46064) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Modifies the Watchdog daemon 1 TTPs

    Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/ak.mpsl-20220923-0709.elf
    /tmp/ak.mpsl-20220923-0709.elf
    1⤵
    • Writes file to tmp directory
    PID:323

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads