Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

a6e1cdf187...d4.elf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    145s
  • max time network
    133s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240221-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240221-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    25/02/2024, 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a6e1cdf1878f77c28153ce1b9a7111e971bf62cd8605ac4c400c791e1fb36cd4.elf

  • Size

    72KB

  • MD5

    c97630c4989b6600f53611bc9e0c477d

  • SHA1

    823c4027db053be4b71fd9709b5c8347fdcbfe91

  • SHA256

    a6e1cdf1878f77c28153ce1b9a7111e971bf62cd8605ac4c400c791e1fb36cd4

  • SHA512

    668ef38f309ae7254ac980cced7cf4c92d1397f71d05a2f21216806ac894aac17bf1457e2fd29a5feaeade462806f6df83b8d5dd67b9cb8b96570143097bd8e0

  • SSDEEP

    1536:+K4pwxgyxstmY9zyjeYwjXpcWLnbBsRY2T/TG/shw2U+BKLZ5:+Kxg6+Z9zyjeYwjXnLntuYu/TXhw2DBA

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/a6e1cdf1878f77c28153ce1b9a7111e971bf62cd8605ac4c400c791e1fb36cd4.elf
    /tmp/a6e1cdf1878f77c28153ce1b9a7111e971bf62cd8605ac4c400c791e1fb36cd4.elf
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:1590

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads