Analysis

  • max time kernel
    2s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhf image:debian9-armhf-20231215-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    20/12/2023, 11:17

General

  • Target

    a955e7e0b0eca1b631cb362ac5b1a346

  • Size

    43KB

  • MD5

    a955e7e0b0eca1b631cb362ac5b1a346

  • SHA1

    3199b0e03e85e19025566cae6f642ef061b32185

  • SHA256

    f48207c5812eb70fab56687451864e9aef4a9449faef076f4ca8a4eed877c78f

  • SHA512

    d2598fdb12feed50c7b9926a4e992c2c6483499047e45945ead991f60f83cc0ba0594736b2da932b9a991288192f57d03d12d71aa202574d899aab248fc49570

  • SSDEEP

    768:h/kCDUaK071lWfEUfSimKq+leDJzkcrb9IPxgwI9q3UELE4gtitqGv/TzqFzvIKw:hMCDTK071off8+a9TBIgwxLjLDTzMQKw

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

DEBUG

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/a955e7e0b0eca1b631cb362ac5b1a346
    /tmp/a955e7e0b0eca1b631cb362ac5b1a346
    • Deletes itself
    • Modifies Watchdog functionality
    • Reads runtime system information
    PID:650

Network

MITRE ATT&CK Enterprise v15
