Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

d0e361a1d9...kes118

debian-9-armhf

6

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240418-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    07/09/2024, 02:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0e361a1d92da3c49e80ff5c815cecb6_JaffaCakes118

  • Size

    105KB

  • MD5

    d0e361a1d92da3c49e80ff5c815cecb6

  • SHA1

    09279e756a467e703bd6f66771c9c0310f087b7c

  • SHA256

    7b4a149d47f422e79a4ecbdc9f07a08ee18efd014d92504cd03b001f647e7cc9

  • SHA512

    a95add085ffcf43a0bb6bdd4dc21edff8a5c86ad2930c177133265fd1c3cba57f0a6b724cd0b2bc54d8992500c6ff08c7f4a131e0d8da5c2e83245ee88e049c1

  • SSDEEP

    3072:LnyR+AIOda5h3n8+K9MamDyrQRhJm4XnTe:LyR0Oda5h38+KhmDyrQRhJm4XnTe

Score
6/10
discovery

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/d0e361a1d92da3c49e80ff5c815cecb6_JaffaCakes118
    /tmp/d0e361a1d92da3c49e80ff5c815cecb6_JaffaCakes118
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:637

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads