Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    151s
  • max time network
    10s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    12/02/2024, 03:44

General

  • Target

    2f04c29cc8660d32e77fedbde21e9b2c3399c8dd80e66b74c0a7f05b34365a84.elf

  • Size

    126KB

  • MD5

    28ec7b62f2c47abb516aa702264173de

  • SHA1

    bec3a7869fb7eb04653e10004684260991c72460

  • SHA256

    2f04c29cc8660d32e77fedbde21e9b2c3399c8dd80e66b74c0a7f05b34365a84

  • SHA512

    911dfec06e8b60d3d06ebb1f856528a538f362803a4de65afbcf6b02b069042fe9e95bdba2af64840672ccc6fd98364c24aa00554b6ddcf99af32939e901e246

  • SSDEEP

    3072:cowpuQyNSG7Ra1styK9flTQPHo1rScVM/9SAvjik:cowpuQyNSG1a1styKdlTuI1rSmM/9bvV

Score
7/10

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 42 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/2f04c29cc8660d32e77fedbde21e9b2c3399c8dd80e66b74c0a7f05b34365a84.elf
    /tmp/2f04c29cc8660d32e77fedbde21e9b2c3399c8dd80e66b74c0a7f05b34365a84.elf
    1⤵
      PID:665

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads