General

  • Target

    143356abf866d122da20bd0b6263ea48.bin

  • Size

    86KB

  • Sample

    240410-bc8rasbc33

  • MD5

    1577748b306d572d5c27890408b31465

  • SHA1

    641f57355e0f01f1cdb977c62789b692b66a2fd5

  • SHA256

    de4f68c86be28149dac095a393f1c14d697027cdd307d9ba3f6923f3a69898fb

  • SHA512

    420e2b1b6d7c1a55cd4fcb59547f326b2c1c8909b660f3e81c99b5e35ad02695adecf0a687ac45b00268ee9ff1112547f558ca83fed6999642023f58cd1a73a9

  • SSDEEP

    1536:TRCBOi/hEzV/UnB5iC4hvBcga01wZiSMhef2KDgPsrF24LJK:tyFJEzVgri5BcgauwRMI2KDgErQw0

Score
10/10

Targets

    • Target

      84101443bcc84e32aa6e845c20e5a2ec4baa1a24789ffa77e96b2e6214829862.elf

    • Size

      211KB

    • MD5

      143356abf866d122da20bd0b6263ea48

    • SHA1

      e27dc4c2a68748731a77c38649c530449275ccc8

    • SHA256

      84101443bcc84e32aa6e845c20e5a2ec4baa1a24789ffa77e96b2e6214829862

    • SHA512

      3a94702ea88b0cdd7e4a24ef7feb9f1cb9de8c6a00d01694d61c181e8ae48b8e31018751c3b29ec001741e78675bf616da6cfc887ac0b858a22c4b51582ff24c

    • SSDEEP

      6144:jg3ULHp2atw3S9arg0oz5H+/SGM/9A9Wmvt24yFJkWXi:jhLHp2atw3S9g2dOSn/gWmvt24UJkWXi

    Score
    9/10
    • Contacts a large (71319) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
