Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

a1ea13c20b...12.elf

debian-9-armhf

6

Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    17/12/2024, 04:08 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a1ea13c20b5ee7da35f527d958c426672d13a5cc207b889da2c08cbaeb04ec12.elf

  • Size

    118KB

  • MD5

    6822322b70497ee511faf0b4e0566ca8

  • SHA1

    d0e5d87159d8e52bd3bc9adbc0d5a52a778b04a0

  • SHA256

    a1ea13c20b5ee7da35f527d958c426672d13a5cc207b889da2c08cbaeb04ec12

  • SHA512

    80527f400ca2e8fc143c450b8fd681e3baa4261d0c21185784af9976da02690ae2966101f82f6994825ce5b78aba6e721c592627456c8d8e46b60210565b3d97

  • SSDEEP

    3072:WkYPgPggnAb0JWaY/VfVEDx0dn+mTQOY5NX3cn:lYPgPggI4Wa8VEDW+mTQOY5R3cn

Score
6/10
discovery

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/a1ea13c20b5ee7da35f527d958c426672d13a5cc207b889da2c08cbaeb04ec12.elf
    /tmp/a1ea13c20b5ee7da35f527d958c426672d13a5cc207b889da2c08cbaeb04ec12.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:652

Network

    No results found
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    120 B
     80 B
     2
    2
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    120 B
     80 B
     2
    2
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    60 B
     40 B
     1
    1
  • 150.241.88.132:25565
    120 B
     80 B
     2
    2
No results found

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.