Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
142s -
max time network
153s -
platform
debian-9_armhf -
resource
debian9-armhf-20231215-en -
resource tags
-
submitted
12/02/2024, 02:30
General
-
Target
1097b5dc4d7c20fd2cdd3cb8171a55d82d25ccb2942d2a27ab4290dc02f1b2f7.elf
-
Size
63KB
-
MD5
576831f290a53594504788d1b37000f7
-
SHA1
76669c941bc563490efb58e9c7b6613f2ec1ccf8
-
SHA256
1097b5dc4d7c20fd2cdd3cb8171a55d82d25ccb2942d2a27ab4290dc02f1b2f7
-
SHA512
2fc9ee4b4409434eba9f22a0dd3e2e0d6caa120088bfaff4cbe857caa265a8c68acaf222fa2a758eb72523fc9ab6a6d435e37c13fcbb408769b540f139d4780b
-
SSDEEP
1536:c58pFZUc4jUfmYg8XMmSmhLGda4JBBy0beO4gDvwbxCP:c58p3fmr8XMmHhLGdXpyVOTcbK
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/1097b5dc4d7c20fd2cdd3cb8171a55d82d25ccb2942d2a27ab4290dc02f1b2f7.elf/tmp/1097b5dc4d7c20fd2cdd3cb8171a55d82d25ccb2942d2a27ab4290dc02f1b2f7.elf1⤵
- Reads system routing table
- Reads system network configuration
- Reads runtime system information
- Writes file to tmp directory
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
107B
MD5a70a5dde6f79eaea4e71c88b6a2ccc38
SHA192c0273c4be5d4b7bdbdd500de5a64e5e05652b2
SHA256d087a5a10a09b589993d8cc44a24ef22db26ffd0feeeb3f29b15af008c292af8
SHA512aaa7d00faa34a87292f23a16dae8a7a4b5a40c8e375a579f1286427819c2a04e1c6f970dbc0f2433e6c03f59a2ece0f28ba1e8fc526bc4afe77f176f61876c52