Analysis
max time kernel: 144s
max time network: 150s
platform: linux_mips
resource: debian9-mipsbe-en-20211208
resource tags: arch:mips, image:debian9-mipsbe-en-20211208, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
submitted: 23/09/2023, 20:33
General
Target: SecuriteInfo.com.Linux.Siggen.9999.813.23666.elf
Size: 18KB
MD5: f1361f451e0588497a6c34862dcb33c3
SHA1: 664db76e16d3038ef410e452349a87912f18573e
SHA256: da038bd553dcd6a00706ce00cb0c89fd4b34e737cce30a157dcb6afb41b81742
SHA512: a78c21f3a80bd83be654f83a00e3a6c9cd7b60e65bdfd0f6978f2bfbfface774d990adcd12d3a7332bcc85fc85d00032a2a40eb22a4576063251e1f08022c696
SSDEEP: 384:NPmFY4KgKQe3ezrP03xCeXNBBCVh7qtRMNWM0swJaiDl2:NPUSgk3keHNXCXqtRMNWnswJaiY
Malware Config
Signatures
Changes its process name 1 IoCs
description: Changes the process name, possibly in an attempt to hide itself
ioc: a
pid: 324
Process: SecuriteInfo.com.Linux.Siggen.9999.813.23666.elf
Enumerates running processes
Discovers information about currently running processes on the system
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.