Analysis

  • max time kernel
    124s
  • max time network
    152s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20221125-en
  • resource tags

    arch:mipsel, image:debian9-mipsel-20221125-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
  • submitted
    15/06/2023, 17:55

General

  • Target

    7a8e6994061f365c79471eb3800ca239.elf

  • Size

    74KB

  • MD5

    7a8e6994061f365c79471eb3800ca239

  • SHA1

    90ea1c68b209521f8c5532ce8dd5f1baaed8ede8

  • SHA256

    40f2403aa7b8100d20a86a69484b453cc56c59719d7c662520725680fefe2477

  • SHA512

    e345d972d60bea4b9983560cb4fe864b39282afd1d4413aa1dfcc59687b4ce14b7cdb8a95f4ee02ac75abd4e2421f8c74234f7ae1d0ea156fb912268c1f89ec0

  • SSDEEP

    1536:94JgmfSSGrW7cIVfXJRw1MSkHCZ1UKWYS:9MgmfSSGrwHJHC

Score
9/10

Malware Config

Signatures

  • Contacts a large (83871) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/7a8e6994061f365c79471eb3800ca239.elf
    • Changes its process name
    • Modifies Watchdog functionality
    PID:326

Network

MITRE ATT&CK Enterprise v6
