Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

01d9ef94cd...6c36fa

debian-9-armhf

7

Analysis

  • max time kernel
    123s
  • max time network
    142s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19/12/2023, 22:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    01d9ef94cdf7b523883cf1359c6c36fa

  • Size

    143KB

  • MD5

    01d9ef94cdf7b523883cf1359c6c36fa

  • SHA1

    a757704b100043f98e6a508adba46f4a6a18a111

  • SHA256

    8f91511113f259726607fc3929ecd8b3e14081322b9718d513e3beccac39916a

  • SHA512

    ea54fb3942f2ceb92a7df749f88d5533f85043bd4537abaf4637802e5e8970e370ec42179ae2add16ce04785c05d61c9c73c84ee0c5f0117d05a36e1c586fc2e

  • SSDEEP

    3072:ihRHih54YD1xMw5v0R9E1EscBsyetJ8add9QzhsGSc6L7xRfkNX4TtQ6W8GoQTRk:8L9E1hUsyetJ8addQ7v6r6X4TtQ6WvoH

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/01d9ef94cdf7b523883cf1359c6c36fa
    /tmp/01d9ef94cdf7b523883cf1359c6c36fa
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:667

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads