Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

56a7f84c22...37.elf

debian-9-armhf

6

Analysis

  • max time kernel
    106s
  • max time network
    140s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231215-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    13/02/2024, 02:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    56a7f84c22e9f1c8bdbd85cec2156d12b652fa242131681002bb8b96d96d1137.elf

  • Size

    166KB

  • MD5

    aaa5206f64575e2cfcbb73cba5e49465

  • SHA1

    71819eb94da1412acd357d735c37e9adb932b333

  • SHA256

    56a7f84c22e9f1c8bdbd85cec2156d12b652fa242131681002bb8b96d96d1137

  • SHA512

    962f48ccd46be274171db2f289f83790db45a62de63f3eeaeeaffbf79664e2d062bd863f8a76653c91421844b4032daf9666025f336f20820bfec4583b265ed2

  • SSDEEP

    3072:cyd1BPL8Z60aMnGjuog68Fi5Ll5hM1D1/6JrTRxmfQOYbr5Wn:Lz060auGjJ5Ll5he/6XxmfQOYbr5Wn

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/56a7f84c22e9f1c8bdbd85cec2156d12b652fa242131681002bb8b96d96d1137.elf
    /tmp/56a7f84c22e9f1c8bdbd85cec2156d12b652fa242131681002bb8b96d96d1137.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:653

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads