Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

435ebc48a8...806ba0

debian-9-armhf

7

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19/12/2023, 23:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    435ebc48a8067d951ea6f8edd2806ba0

  • Size

    191KB

  • MD5

    435ebc48a8067d951ea6f8edd2806ba0

  • SHA1

    910b1740eb3df36d0ca495fd181341975ab10b5a

  • SHA256

    feaf9566c04f81df2a33bb8a824fb7d309f9b650b9ef0b46071c8e83dad2d1df

  • SHA512

    e522b5bce7f37c02572838e9db1eaead51a0685a7218ec545e66e6d9d9978e2148b09e9964074e5d3d89f3114fc0c44e109d0317acdee855b2ee6dd7c3e635b5

  • SSDEEP

    3072:uGPP4rGXq11zXqwL5SYNZf1t3aLUUGPNhibtNf8eNgJs12Zhvc5PsEsEUxxQLSJa:usPa/KH4N9OIb8boZCQ9gOS1SeX

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/435ebc48a8067d951ea6f8edd2806ba0
    /tmp/435ebc48a8067d951ea6f8edd2806ba0
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:653

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads