Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

a097829b39...JC.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    148s
  • max time network
    145s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20230831-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20230831-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    13/10/2023, 02:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a097829b392dcb333f23106633e6c93dd59ec4435a84004a87e98098cd84ec7e_JC.elf

  • Size

    118KB

  • MD5

    1cd9525208675a5abb1b9406a7c501a2

  • SHA1

    fb473598860c6d76ed4aa64b56829d1aef36b831

  • SHA256

    a097829b392dcb333f23106633e6c93dd59ec4435a84004a87e98098cd84ec7e

  • SHA512

    9a30236a775e4eb09baa8ed3691c8feb56c6633343498ce3f998c2959ea47e5dc732f4d869c903eda591318a371384b28204590a2e1a0cf657e1f8cf1c335605

  • SSDEEP

    3072:KwVa3vAP+WXpQHBszj6P+Bpi3IbGzgF1ymY2eGH4+9PIdoGDzh85YvuYdd9m7qSs:Nlj6P+Bpi3WGzgF1LejAGDzEYvzm7qSs

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/a097829b392dcb333f23106633e6c93dd59ec4435a84004a87e98098cd84ec7e_JC.elf
    /tmp/a097829b392dcb333f23106633e6c93dd59ec4435a84004a87e98098cd84ec7e_JC.elf
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:604

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads