Analysis
max time kernel: 2s
platform: debian-9_armhf
resource: debian9-armhf-20231215-en
resource tags: arch:armhf, image:debian9-armhf-20231215-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 20/12/2023, 11:17
General
Target: a955e7e0b0eca1b631cb362ac5b1a346
Size: 43KB
MD5: a955e7e0b0eca1b631cb362ac5b1a346
SHA1: 3199b0e03e85e19025566cae6f642ef061b32185
SHA256: f48207c5812eb70fab56687451864e9aef4a9449faef076f4ca8a4eed877c78f
SHA512: d2598fdb12feed50c7b9926a4e992c2c6483499047e45945ead991f60f83cc0ba0594736b2da932b9a991288192f57d03d12d71aa202574d899aab248fc49570
SSDEEP: 768:h/kCDUaK071lWfEUfSimKq+leDJzkcrb9IPxgwI9q3UELE4gtitqGv/TzqFzvIKw:hMCDTK071off8+a9TBIgwxLjLDTzMQKw
Malware Config
Extracted
Family: mirai
Botnet: DEBUG
Signatures
Deletes itself 1 IoCs
pid | Process
650 | a955e7e0b0eca1b631cb362ac5b1a346
Modifies Watchdog functionality 1 TTPs 2 IoCs
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
description | ioc | Process
File opened for modification | /dev/watchdog | a955e7e0b0eca1b631cb362ac5b1a346
File opened for modification | /dev/misc/watchdog | a955e7e0b0eca1b631cb362ac5b1a346
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
description | ioc | Process
File opened for reading | /proc/self/exe | a955e7e0b0eca1b631cb362ac5b1a346