Analysis
max time kernel: 151s
max time network: 149s
platform: debian-9_armhf
resource: debian9-armhf-20221111-en
resource tags: arch:armhf, image:debian9-armhf-20221111-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 24/08/2023, 03:34
Behavioral task: behavioral1
Sample: 357-1-0x00008000-0x00026464-memory.dmp
Resource: debian9-armhf-20221111-en
3 signatures
150 seconds
General
Target: 357-1-0x00008000-0x00026464-memory.dmp
Size: 76KB
MD5: ec196db50552392ec4203660d5d12872
SHA1: 138c5be55ba26e9d7237431d27c53e00fc27c788
SHA256: 532d1cedaa9eaa8d0c003a375a6f26ad6e50e8cccb22eec3f8057d51ed116ef8
SHA512: 8ad000ae1de992d54c37b05a30a6d26a83a665a189f981ecce52b19f1b77b674e0291668ea10d5f683d14a6cf0a1c41b4c58be6402c7e2d9cbde7d61ded38f14
SSDEEP: 1536:TJnF9sFw8gu6+wyKaw1KpIPrbvr/6Ra1styKtI8ll5BihwlTQP+8oD:RowpuQyNSG2eRa1styK9flTQPHo
Score: 7/10
Malware Config
Signatures

Modifies Watchdog functionality (1 TTPs, 2 IoCs)
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
    File opened for modification: /dev/watchdog
    File opened for modification: /dev/misc/watchdog

Writes file to system bin folder (1 TTPs, 2 IoCs)
    File opened for modification: /sbin/watchdog
    File opened for modification: /bin/watchdog

Reads runtime system information (4 IoCs)
Reads data from /proc virtual filesystem.
    File opened for reading: /proc/401/cmdline
    File opened for reading: /proc/402/cmdline
    File opened for reading: /proc/404/cmdline
    File opened for reading: /proc/406/cmdline