Analysis
max time kernel: 5s
platform: debian-9_mipsel
resource: debian9-mipsel-20240226-en
resource tags: arch:mipsel, image:debian9-mipsel-20240226-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mipsel, system
submitted: 12/04/2024, 01:30
General
Target: b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1.elf
Size: 44KB
MD5: 7dca7bb14b80c065cc161c5ee86fd90f
SHA1: 26f3fec153b0aead82a850e943c506bdf7ff0f65
SHA256: b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1
SHA512: 7297d4206459bf1b692756a0b80921cecd9f45b8d30ff5da10af800178597f12c40d4acbdb5395397a9decf14fdaa30e094353a7bcd5059b368608ef4dce50a1
SSDEEP: 768:6NbXq8S/S7EhVHseREql7J2VNZKnAjLuXqo3ZWqPJH2Zf:6NrqH64hVHsm7JwNZgAeXqeBH+f
Malware Config
Extracted
Family: mirai
Botnet: BOTNET
Signatures
Changes its process name 1 IoCs
description: Changes the process name, possibly in an attempt to hide itself
ioc: /var/Sofia
pid: 711
Process: b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1.elf
Modifies Watchdog functionality 1 TTPs 2 IoCs
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
description: File opened for modification
ioc: /dev/watchdog
Process: b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1.elf
description: File opened for modification
ioc: /dev/misc/watchdog
Process: b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1.elf
Enumerates active TCP sockets 1 TTPs 1 IoCs
Gets active TCP sockets from /proc virtual filesystem.
description: File opened for reading
ioc: /proc/net/tcp
Process: b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1.elf
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
description: File opened for reading
ioc: /proc/net/tcp
Process: b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1.elf