28b5bc34206b2ba9c56e2c1d05d900280df04ea9f71fd422a9ce01e7c78aaa86 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

28b5bc3420...86.elf

debian-9-mips

9

Sharing

General

Target

28b5bc34206b2ba9c56e2c1d05d900280df04ea9f71fd422a9ce01e7c78aaa86.elf
Size

80KB
Sample

240822-bmkgfsvbpq
MD5

b15a935246018d21335632060ff6db6c
SHA1

79e80a929268f8361242e53f97db3d93a94a4650
SHA256

28b5bc34206b2ba9c56e2c1d05d900280df04ea9f71fd422a9ce01e7c78aaa86
SHA512

75cc9ab1f28dbc80d187f7b80ddf1540ef8093b1ea404cb51950714c23d59de922b91bfac7e883bd1449d7cf3cab3ac34d4208991374290e8f87d9623a25b579
SSDEEP

1536:c5dkjueVIuJjj6kZONnONgpNFGIv3W9tmgFUBeI9KJZC2:cHJeVIuJH6kuvG93FUfKfb

Score

9^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

28b5bc34206b2ba9c56e2c1d05d900280df04ea9f71fd422a9ce01e7c78aaa86.elf

Resource

debian9-mipsbe-20240418-en

debian-9-mips

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  28b5bc34206b2ba9c56e2c1d05d900280df04ea9f71fd422a9ce01e7c78aaa86.elf
- Size
  
  80KB
- MD5
  
  b15a935246018d21335632060ff6db6c
- SHA1
  
  79e80a929268f8361242e53f97db3d93a94a4650
- SHA256
  
  28b5bc34206b2ba9c56e2c1d05d900280df04ea9f71fd422a9ce01e7c78aaa86
- SHA512
  
  75cc9ab1f28dbc80d187f7b80ddf1540ef8093b1ea404cb51950714c23d59de922b91bfac7e883bd1449d7cf3cab3ac34d4208991374290e8f87d9623a25b579
- SSDEEP
  
  1536:c5dkjueVIuJjj6kZONnONgpNFGIv3W9tmgFUBeI9KJZC2:cHJeVIuJH6kuvG93FUfKfb
Score

9^/10

discovery
- Contacts a large (54036) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Renames itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy