General

  • Target

    log21.armv7.elf

  • Size

    67KB

  • Sample

    230212-wkqkxafe63

  • MD5

    8d254387f162513937157f031c357725

  • SHA1

    5e59ec4432f527ce082ef93b4e3d59d518fc1f74

  • SHA256

    3ad3113c6cd2bb83ca386bf997e28728768982e3d1f176bcfd788781270a0675

  • SHA512

    9191cc1ca827e0de5913d4e3dbcb82fc4cdb6a4f0bcb39d5bf9dfcf34ed9683ed929fa5700b80826136aa0541a8bbafad7101ea2eed8b2e6e8e6857c7804f631

  • SSDEEP

    1536:ZAlRhyOvekjfNDs30nwdWI0IpEcECfLjnfGIQiDWG77:EyE/hs3TYI7ECfLTfvDt7

Score
9/10

Targets

    • Target

      log21.armv7.elf

    • Contacts a large (56737) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.
