Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

656d88528f...9f1816

debian-9-armhf

6

Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19/12/2023, 23:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    656d88528fcc382681438c2aad9f1816

  • Size

    132KB

  • MD5

    656d88528fcc382681438c2aad9f1816

  • SHA1

    12fa1bea6ca9db34833035e70bf384b4373abd90

  • SHA256

    cfe1b1d2449f682b2bf43a8491a8ddcb198f6aabb46e750ef88ea1ebfc4c3bb0

  • SHA512

    c49c5ce6a62518e9178f06600b472b263443369b379829e8a6467e07332caa7387faf19facad760924f9c47ea6a50c81f8a7002883485810d53b5b8302f96f22

  • SSDEEP

    3072:W+hHTKuhXXQo+pZGxs31d1tiZTwqGrnNbGHiLC3ngeMXid0xNsQDDjfvfM/9J5ho:l73geMXW0xdDjPM/9J53S

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/656d88528fcc382681438c2aad9f1816
    /tmp/656d88528fcc382681438c2aad9f1816
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:661

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads