Analysis
- max time kernel: 0s
- platform: debian-9_armhf
- resource: debian9-armhf-20240226-en
- resource tags: arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
- submitted: 05/04/2024, 01:46
General
- Target: d27f0e39ea9ee3e8fc5045b59ac370ff2fb0a5a4b6c70c23bb3a788993359371.elf
- Size: 50KB
- MD5: 17b89e5957964c341369f0ff4bd9659e
- SHA1: 5dabc4b72aa6e7c4981c4f341522e411ffac77c3
- SHA256: d27f0e39ea9ee3e8fc5045b59ac370ff2fb0a5a4b6c70c23bb3a788993359371
- SHA512: 5a26b20e9e17f5ea9e63e123a12b1482317ebbdbf6d43eebef71326133b32fbed21d8f67ce92d1fa5a427d1632f45bc62b4ee51ea7529b1104c1b86bd62462c6
- SSDEEP: 768:wDCn6ukPwUNlUTsLmLd9YiKdS2T2ZmKDSwRKq5K/nLe9q3UELp+AIo6EtIhjaKXR:wOnkwYMsIYXdRawKDSwRKq0nLDLIAD0D
Malware Config
Extracted
- Family: mirai
- Botnet: BOTNET
Signatures
- Changes its process name (1 IoCs)
  description | ioc | pid | Process
  Changes the process name, possibly in an attempt to hide itself | /var/Sofia | 654 | d27f0e39ea9ee3e8fc5045b59ac370ff2fb0a5a4b6c70c23bb3a788993359371.elf
- Modifies Watchdog functionality (1 TTPs, 2 IoCs)
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  description | ioc | Process
  File opened for modification | /dev/misc/watchdog | d27f0e39ea9ee3e8fc5045b59ac370ff2fb0a5a4b6c70c23bb3a788993359371.elf
  File opened for modification | /dev/watchdog | d27f0e39ea9ee3e8fc5045b59ac370ff2fb0a5a4b6c70c23bb3a788993359371.elf
- Reads runtime system information (1 IoCs)
  Reads data from /proc virtual filesystem.
  description | ioc | Process
  File opened for reading | /proc/self/exe | d27f0e39ea9ee3e8fc5045b59ac370ff2fb0a5a4b6c70c23bb3a788993359371.elf