Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
2s -
platform
debian-9_mips -
resource
debian9-mipsbe-20231222-en -
resource tags
-
submitted
23/01/2024, 16:28
General
-
Target
beff090ea2a4488b75851f112c40f43e.elf
-
Size
175KB
-
MD5
beff090ea2a4488b75851f112c40f43e
-
SHA1
36dc694a308b76780403a41f3f3ca30e76fc8dab
-
SHA256
1e6e1f6f7937c4249d858ef386d4d8a00e4bf1db5f901b3b5672c9f5efae96e2
-
SHA512
722f33d37c94c61422d1d9441f3e1b79665a00273f4eeafbe6454b47ad2c470bb990640498849b6e3e4eaf455360134b06400345cd70fca522cd586b862a5f34
-
SSDEEP
3072:mBFRteCfb5/hMn9gq4vJO0qHGzuSouynTr:8ztXVhMnarxOfGzkuaTr
Malware Config
Signatures
-
Creates/modifies Cron job 1 TTPs 1 IoCs
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Write file to user bin folder 1 TTPs 1 IoCs
-
Reads runtime system information 3 IoCs
Reads data from /proc virtual filesystem.
Processes
-
/tmp/beff090ea2a4488b75851f112c40f43e.elf/tmp/beff090ea2a4488b75851f112c40f43e.elf1⤵
-
/bin/shsh -c "cp '/tmp/beff090ea2a4488b75851f112c40f43e.elf' '/usr/bin/1ef63ef7'"2⤵
-
/bin/cpcp /tmp/beff090ea2a4488b75851f112c40f43e.elf /usr/bin/1ef63ef73⤵
- Write file to user bin folder
- Reads runtime system information
-
-
-
/bin/shsh -c "(crontab -l 2>/dev/null; echo \"@reboot /usr/bin/1ef63ef7\") | crontab -"2⤵
-
/usr/bin/crontabcrontab -3⤵
- Creates/modifies Cron job
- Reads runtime system information
-
-
-
/usr/bin/crontabcrontab -l1⤵
- Reads runtime system information
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
175KB
MD5beff090ea2a4488b75851f112c40f43e
SHA136dc694a308b76780403a41f3f3ca30e76fc8dab
SHA2561e6e1f6f7937c4249d858ef386d4d8a00e4bf1db5f901b3b5672c9f5efae96e2
SHA512722f33d37c94c61422d1d9441f3e1b79665a00273f4eeafbe6454b47ad2c470bb990640498849b6e3e4eaf455360134b06400345cd70fca522cd586b862a5f34