Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
11s -
platform
debian-9_armhf -
resource
debian9-armhf-20240611-en -
resource tags
-
submitted
06/01/2025, 07:12
General
-
Target
wind.arm.elf
-
Size
25KB
-
MD5
bedac7cde2d68b897e39a7895632de85
-
SHA1
6c8370008dbc42539c6552141951cf95c8e1d394
-
SHA256
adca3bf3f36fd505510dbd9bd6d838c14c3cf95bfec0b110c4e0419d54ae498e
-
SHA512
8cfd930808e668184ba6a432a866c15e298dd22bfcbc810af551958d84ec6306edfefdf359354994240211c0a0a21cbd75a71060bffcc04ffb1aa50b0340db8d
-
SSDEEP
768:WbrQ9NZTs+lQFej5Xu4+rHJrBcSs3UozV0:WY9NZoxuuRBWze
Score
10/10
Malware Config
Extracted
Family
mirai
Botnet
LZRD
Signatures
-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Mirai family
-
Modifies Watchdog functionality 1 TTPs 2 IoCs
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder 2 IoCs
-
Reads runtime system information 33 IoCs
Reads data from /proc virtual filesystem.
Processes
-
/tmp/wind.arm.elf/tmp/wind.arm.elf1⤵
- Modifies Watchdog functionality
- Writes file to system bin folder
- Reads runtime system information