Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    11/04/2024, 21:46

General

  • Target

    737835c6776b10964562bcdd6ee04391.elf

  • Size

    50KB

  • MD5

    737835c6776b10964562bcdd6ee04391

  • SHA1

    6d936490f46eed7b58407ffdabf42fbd9ab1f338

  • SHA256

    5c1b326eded450c6f0b7a3f3fa56da97835f7bbb52cec2602e58491b6ee1927a

  • SHA512

    5d10f87eef05d603cf59392961f72024a515360dc9f69811b4744ecd722183f8f6e96054c56a1b64772b4ae7f727409efa7ef5db5cd15a8abfb110c05e9d43ef

  • SSDEEP

    1536:2lpABKkhUpfaypfOataVm4v3s58nLhg8BKAlw6:2rkhUhaypftaVH3jnLhUAb

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/737835c6776b10964562bcdd6ee04391.elf
    /tmp/737835c6776b10964562bcdd6ee04391.elf
    1⤵
    • Changes its process name
    • Modifies Watchdog functionality
    • Reads runtime system information
    PID:638

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads