Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

sora.arm7.elf

debian-9-armhf

10

Analysis

  • max time kernel
    2s
  • max time network
    124s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    03/09/2023, 13:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sora.arm7.elf

  • Size

    51KB

  • MD5

    74bfc3c7c9dd3f654c3d18f8891ac434

  • SHA1

    d558e9465a55448f442fb13da372cc23ea46e25c

  • SHA256

    676a87b17f6c83ca25bd8b459dc32440e4e67c39ed079326a5f35ce66f407936

  • SHA512

    53fff3344e01a2f0def45b7a238c24bb643436c3bc64604d4b4007bf209d862c03078af6a7d0f5064050c5b40cae8adc3f9611571c7bc52b20d25ccff196e0e7

  • SSDEEP

    1536:s9O/f382butan9Y09QYJr78LcPqF1aBexo4opKZb7:s9O/UCuta99QyALGqFUFm

Score
10/10
miraisorabotnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/sora.arm7.elf
    /tmp/sora.arm7.elf
    1⤵
    • Reads runtime system information
    PID:355

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads