Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

11573492dc...46.elf

debian-9-armhf

6

Analysis

  • max time kernel
    147s
  • max time network
    149s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221111-en
  • resource tags

    arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    03/07/2023, 01:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    11573492dc283467377178c19e872dbc04f70326e03133fe1416432475f5c246.elf

  • Size

    57KB

  • MD5

    0575e7f18006f7a9c7a3a99072e85eb1

  • SHA1

    0cad04d55b6fe64adced351dc4684cfbdaef4648

  • SHA256

    11573492dc283467377178c19e872dbc04f70326e03133fe1416432475f5c246

  • SHA512

    b629033216cfc51730847a62e60e33e8b18587e8cec0c079791a6ddaad6b18d87107331860bc3260c7f35c54f7acb899e44677b4c285a7cda8efe34636a47f8d

  • SSDEEP

    1536:Bin4/vjvlGhKHhbLf1WN8WyIZqS9vZErRJVM:m4zloKBeNyIZqyvy9M

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/11573492dc283467377178c19e872dbc04f70326e03133fe1416432475f5c246.elf
    /tmp/11573492dc283467377178c19e872dbc04f70326e03133fe1416432475f5c246.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    • Reads runtime system information
    PID:371

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads