Analysis

  • max time kernel
    2s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231026-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20231026-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    28/10/2023, 19:33

General

  • Target

    z0r0.arm6.elf

  • Size

    35KB

  • MD5

    e1118ce319dd08df881ee8fa899ba82b

  • SHA1

    c17d71698b97e48d08531107dc21506cefb2f09e

  • SHA256

    41c619187f70a094fde1b25350c2f10e1775cc7a2a862a539f3d16d05f7f1616

  • SHA512

    f98e8f93a48f203cd3c6bbde5e0d87880b019719ce8dfd027f40956e08aaf313b8ddab24e7c43b3b685328f9e39312b5f3ccfebca5d02278f045087a7fc03ad2

  • SSDEEP

    768:5LeMx1Oa7Lt1nFvz9qQV+61lxNemDSanudyoLnVHymZj3ADJP66q3UIEb:5LnOGpFFvRHs67y37yoLVSGmStY

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

C2

moixd.duckdns.org

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/z0r0.arm6.elf
    /tmp/z0r0.arm6.elf
    • Reads runtime system information
    PID:660
