Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
144s -
max time network
155s -
platform
debian-9_armhf -
resource
debian9-armhf-20231215-en -
resource tags
-
submitted
12/02/2024, 02:52
General
-
Target
47097f443abd95ac7cd0c192703cea14740a8c62e9b78243403c8b742ba4a60c.elf
-
Size
55KB
-
MD5
79a6ff1e2df681a1c498e3f4f52613a6
-
SHA1
8d61c86701edeb0cad547403c197a3be9770ac9b
-
SHA256
47097f443abd95ac7cd0c192703cea14740a8c62e9b78243403c8b742ba4a60c
-
SHA512
1e5635df330142aaccdc675e48056dab3c671d958d093ac9c8951cd6c1607ec76b2bc27f490630bcfe9e807a7d568d50ea578f1a1083cd01d99b83f77815f19f
-
SSDEEP
1536:n5XlHj3rEZwUFGcpm1nTszF25itPQNiUlVMX:ZlbroZpm1YRZiuX
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/47097f443abd95ac7cd0c192703cea14740a8c62e9b78243403c8b742ba4a60c.elf/tmp/47097f443abd95ac7cd0c192703cea14740a8c62e9b78243403c8b742ba4a60c.elf1⤵
- Reads system routing table
- Reads system network configuration
- Reads runtime system information
- Writes file to tmp directory
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
107B
MD5a70a5dde6f79eaea4e71c88b6a2ccc38
SHA192c0273c4be5d4b7bdbdd500de5a64e5e05652b2
SHA256d087a5a10a09b589993d8cc44a24ef22db26ffd0feeeb3f29b15af008c292af8
SHA512aaa7d00faa34a87292f23a16dae8a7a4b5a40c8e375a579f1286427819c2a04e1c6f970dbc0f2433e6c03f59a2ece0f28ba1e8fc526bc4afe77f176f61876c52