Analysis

  • max time kernel
    0s
  • max time network
    103s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags
    arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    28/09/2022, 13:48

General

  • Target

    bruteratel/adaptiveC2/proxylistener.py

  • Size

    2KB

  • MD5

    0c14628d61b5052fc464bb356f0dbad1

  • SHA1

    08439cf282a0dc521157374c35bf5606e22ade92

  • SHA256

    6ca25aefe22dee53506d311579e2d86852da14d5c3cc1b722f9a1af9ab384188

  • SHA512

    3882593e899b625d28e1c9f309b238200d4e9878a50149c457a428324af6253aaa21d86b0577733b99ff924fad5d301d896f9fe26905ac8f51a53bf6f646f01e

Score
9/10

Malware Config

Signatures

  • Writes file to system bin folder 1 TTPs 1 IoCs
  • Write file to user bin folder 1 TTPs 1 IoCs
  • Reads runtime system information 3 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 2 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/bruteratel/adaptiveC2/proxylistener.py
    /tmp/bruteratel/adaptiveC2/proxylistener.py
    1⤵
    • Write file to user bin folder
    • Reads runtime system information
    • Writes file to tmp directory
    PID:581
    • /sbin/ldconfig
      /sbin/ldconfig -p
      2⤵
      • Writes file to system bin folder
      PID:586
    • /sbin/ldconfig.real
      /sbin/ldconfig.real -p
      2⤵
      PID:586
    • /bin/sh
      /bin/sh -c "uname -p 2> /dev/null"
      2⤵
      PID:587
      • /bin/uname
        uname -p
        3⤵
        PID:588

Network

MITRE ATT&CK Enterprise v6