Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240418-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    04/07/2024, 10:36

General

  • Target

    7472de67440c495a36276ab12000bdea.elf

  • Size

    47KB

  • MD5

    7472de67440c495a36276ab12000bdea

  • SHA1

    8a67ea85e5f6c590d2060413a9764a78ce851c66

  • SHA256

    977b017d230eb05cd8594a216d9563406c4b440b731e9a91919b712359dabc1e

  • SHA512

    d5bc2df12180b90ad0e07f50d7b54add57e929fa50a0a75884ca79f139bd3624a6902df90c5c87db6028fcccbc0e4ead88c99ad83c8eb13905be8509e7dfca12

  • SSDEEP

    768:5taWbJYA7w7gRR5sKnPWsBwRQ9Y4sSLYoZwkzCB9NqosbK//m1dn:58gJD7VPWewRYY5kzCBDzOHn

Score
7/10

Malware Config

Signatures

  • Modifies Watchdog functionality (1 TTPs, 2 IoCs)

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Renames itself (1 IoCs)
  • Unexpected DNS network traffic destination (26 IoCs)

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Changes its process name (1 IoCs)

Processes

  • /tmp/7472de67440c495a36276ab12000bdea.elf
    /tmp/7472de67440c495a36276ab12000bdea.elf
    • Modifies Watchdog functionality
    • Renames itself
    • Changes its process name
    PID:658

Network

MITRE ATT&CK Enterprise v15
