Analysis

  • max time kernel
    149s
  • max time network
    176s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240611-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    25/10/2024, 13:02

General

  • Target

    main_arm7.elf

  • Size

    177KB

  • MD5

    b7912bdc4d2f102470ab0edf52a21215

  • SHA1

    0d4b184afc18036842f4ade10c77bffe08fcaf45

  • SHA256

    6ffb23d3486c55bd36e0763567907509eda6a434b248939e52bc5b73ec2ca4e6

  • SHA512

    1cd9962cd9a85d523abf9878b64da529d4ed80c892d1da4bc957a6d246b52403f9b76f5dda475333b3efcb3e99e7ee56a43d80667dcb76912fc31d7c70642056

  • SSDEEP

    3072:OzeSvtfNQ4oELv2e8wa0GzORuuAvw99LHd38YhTfYo+M/Rw6FDFVLn:2eSvJpoE7T8wa0GzORuNKLHd38+x+M/n

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Traces itself 2 IoCs

    Traces itself to prevent debugging attempts

  • Changes its process name 1 IoCs
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/main_arm7.elf
    /tmp/main_arm7.elf
    • Deletes itself
    • Traces itself
    • Changes its process name
    • Writes file to tmp directory
    PID:661

Network

MITRE ATT&CK Matrix
