Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

29a6737b88...5f.elf

debian-12-armhf

6

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240729-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240729-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    12/12/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    29a6737b8892b2fa5ae9515bcf033f5860c143974a275ca420c08afface2555f.elf

  • Size

    175KB

  • MD5

    120454526962ecb994fb605038be27c4

  • SHA1

    6e8f575a79154a11d6bd02b3a2bf757e99511942

  • SHA256

    29a6737b8892b2fa5ae9515bcf033f5860c143974a275ca420c08afface2555f

  • SHA512

    44bed1758870ce1d777267f392abbc614881d4a60182e4240ccb1b2059ad1c3166422c86e5dfa5f758f7fabeb5d54db359913fe9ae6d210ce039d83719ea9e36

  • SSDEEP

    3072:HK/lc7BbBLHcBCkAabwdyqkkUbH/6EBpbO/hJjogM/RHyfqs:HK/oBLHElAabwdybkQ1BZO/XMgM/RHyz

Score
6/10
discovery

Malware Config

Signatures

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Changes its process name 1 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/29a6737b8892b2fa5ae9515bcf033f5860c143974a275ca420c08afface2555f.elf
    /tmp/29a6737b8892b2fa5ae9515bcf033f5860c143974a275ca420c08afface2555f.elf
    1⤵
    • Changes its process name
    • Reads runtime system information
    PID:705

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads