Analysis
- max time kernel: 144s
- max time network: 151s
- platform: debian-9_mips
- resource: debian9-mipsbe-20231215-en
- resource tags: arch:mips, image:debian9-mipsbe-20231215-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
- submitted: 21/02/2024, 04:54
Behavioral task: behavioral1
- Sample: f26fee0d2b7f88bd7d5aa0860756b6d5.bin
- Resource: debian9-mipsbe-20231215-en
General
- Target: f26fee0d2b7f88bd7d5aa0860756b6d5.bin
- Size: 66KB
- MD5: f26fee0d2b7f88bd7d5aa0860756b6d5
- SHA1: 8e933506d7d8b9205573881947d9419ffd6e1aaa
- SHA256: 49ee7966b481548392c8e66f58b9792d09e78cff34b6a4867f522602dc4930b5
- SHA512: e0241f0c052610c0adaa69e03ad3de967a03c9e732212fe2718e957af6e36dad3137c4d96e0a48d555aced4998a94f4538b24dc973af525a318ab650e7b54794
- SSDEEP: 1536:u8aCKglaDrIjtb3stmjpYpt13+c23mo1UQ+eX:9H+0Jb3vypt8c23mo1RHX
Malware Config
Signatures
- Changes its process name (1 IoCs)
  description: Changes the process name, possibly in an attempt to hide itself
  ioc: dsjmu5l0e3skijpl
  pid: 697
  Process: f26fee0d2b7f88bd7d5aa0860756b6d5.bin
- Deletes itself (1 IoCs)
  pid: 697
  Process: f26fee0d2b7f88bd7d5aa0860756b6d5.bin
- Modifies Watchdog functionality (1 TTPs, 2 IoCs)
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  description: File opened for modification
  ioc: /dev/watchdog
  Process: f26fee0d2b7f88bd7d5aa0860756b6d5.bin
  description: File opened for modification
  ioc: /dev/misc/watchdog
  Process: f26fee0d2b7f88bd7d5aa0860756b6d5.bin
- Enumerates active TCP sockets (1 TTPs, 1 IoCs)
  Gets active TCP sockets from /proc virtual filesystem.
  description: File opened for reading
  ioc: /proc/net/tcp
- Reads system network configuration (1 TTPs, 1 IoCs)
  Uses contents of /proc filesystem to enumerate network settings.
  description: File opened for reading
  ioc: /proc/net/tcp