Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

9b2cce5192...36.elf

debian-9-armhf

6

Analysis

  • max time kernel
    125s
  • max time network
    127s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231221-en
  • resource tags

    arch:armhfimage:debian9-armhf-20231221-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    13/02/2024, 03:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9b2cce51922c3a2eb076034f5e4d94e0977a7228da4fa903fccfe759a00e6536.elf

  • Size

    204KB

  • MD5

    1dc8a9a7d6f79644c4a3d5446c266f36

  • SHA1

    d2d86f0acd1e10dffc2466abff65d7c0683178b4

  • SHA256

    9b2cce51922c3a2eb076034f5e4d94e0977a7228da4fa903fccfe759a00e6536

  • SHA512

    c12f0cfa9ceac4dc8457a341577511a3450a504274d01778845088b25c291596aad937bfd862c0b624a156edb38422fa6da54b57cb12b2fa12140ac8fd0322da

  • SSDEEP

    6144:FZzyacCwXJ4DbpW0vl5hbL6+uM/9Ocgym0wfB5RyAn:FZzyacCwXJ4gq5hbvf/dgym0mB5RyAn

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/9b2cce51922c3a2eb076034f5e4d94e0977a7228da4fa903fccfe759a00e6536.elf
    /tmp/9b2cce51922c3a2eb076034f5e4d94e0977a7228da4fa903fccfe759a00e6536.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads