Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    151s
  • max time network
    149s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221111-en
  • resource tags

    arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    24/08/2023, 03:34

General

  • Target

    357-1-0x00008000-0x00026464-memory.dmp

  • Size

    76KB

  • MD5

    ec196db50552392ec4203660d5d12872

  • SHA1

    138c5be55ba26e9d7237431d27c53e00fc27c788

  • SHA256

    532d1cedaa9eaa8d0c003a375a6f26ad6e50e8cccb22eec3f8057d51ed116ef8

  • SHA512

    8ad000ae1de992d54c37b05a30a6d26a83a665a189f981ecce52b19f1b77b674e0291668ea10d5f683d14a6cf0a1c41b4c58be6402c7e2d9cbde7d61ded38f14

  • SSDEEP

    1536:TJnF9sFw8gu6+wyKaw1KpIPrbvr/6Ra1styKtI8ll5BihwlTQP+8oD:RowpuQyNSG2eRa1styK9flTQPHo

Score
7/10

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 4 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/357-1-0x00008000-0x00026464-memory.dmp
    /tmp/357-1-0x00008000-0x00026464-memory.dmp
    1⤵
      PID:368

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads