Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

f07d9c4402...2b.elf

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    14/10/2024, 02:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f07d9c4402191479f523e8b6179c17aaa29cae62440f6507659139fe47025b2b.elf

  • Size

    61KB

  • MD5

    9e024390448c9106c1f4bd67bfe63709

  • SHA1

    c47c1fea880c3782ac49c41798bb946b747b9baf

  • SHA256

    f07d9c4402191479f523e8b6179c17aaa29cae62440f6507659139fe47025b2b

  • SHA512

    d18bf6021d9abd5e0eceb32dd2613114c92ba60a6edb444bfc4f488eb5ff9b2a9cd48894a7261165b0af7d6e28b5eca6804a57592c1f40ed7260b389e960056a

  • SSDEEP

    1536:ALYcxQtFNAa0H5+HEZtpxc4pWNgeEkD4fS+7dIO0WpitfO:AUwQ7NArdJxMNgfkD46k2K

Score
7/10
discoveryrootkit

Malware Config

Signatures

  • Loads a kernel module 2 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/f07d9c4402191479f523e8b6179c17aaa29cae62440f6507659139fe47025b2b.elf
    /tmp/f07d9c4402191479f523e8b6179c17aaa29cae62440f6507659139fe47025b2b.elf
    1⤵
    • Loads a kernel module
    • Reads runtime system information
    PID:2518

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/systemjob
    Filesize

    58B

    MD5

    3d79dd9f75f96ef7423e02c339df5ba1

    SHA1

    44b8ade4755ca25e0ab50d1e1f7bdc6e48f5a512

    SHA256

    e164a65c989beb3c2e72832496875afd3d62992cf12edf1ce3b2fc9181894450

    SHA512

    a597317a1c962f74b860d345cca554a8df82922a906973ee1c1fc02e81469ebbdc4d0369212ad34458198f4535777f81afbdd004f4a14963adf5625518004821

    Download Submit

  • /etc/systemd/system/system_worker.service
    Filesize

    125B

    MD5

    e166a788784ffa4fce0c6369ed83d7aa

    SHA1

    83113538df7094fcc2c033ebd042b85cf1ef061b

    SHA256

    1588075b48ab7a19cf8e7b74e9ce9704104b1238e71e62fa892a89c044b5b7e4

    SHA512

    2ea7601bfc8e11b196df1ce6012057129d573cc1fa702724e3506d75c0f2af0a788623974a560a8056b9866b60c1989fe6413666be01775f2f24656ab582d695

    Download Submit

  • /var/spool/cron/crontabs/root
    Filesize

    26B

    MD5

    c33a10893b04d3dbf0e3226896771800

    SHA1

    c688f73295e5bab94b1a6d9f2fa909aa064806b1

    SHA256

    f9d4ae54cc682dbca63d7d4f55c86a61f156eade748e02899558f6db511563c3

    SHA512

    9c9209478790c5d14988ab8ffdb14c11ada529a1726950c8296753d7181b4dc42c1a60e6ad2cda8876e059657dcde47824a9fb124afa9790276b2c2e2af02672

    Download Submit