Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

6880d13751...de.elf

debian-12-armhf

6

Analysis

  • max time kernel
    149s
  • max time network
    162s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    10/01/2025, 02:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6880d1375117e338915542fa4c2c552ec76216166903d4dc176145abe5ee7fde.elf

  • Size

    179KB

  • MD5

    79333d5f91d83238815d10a781824762

  • SHA1

    c85f98c02562b04e12d05497c592493c2ede491b

  • SHA256

    6880d1375117e338915542fa4c2c552ec76216166903d4dc176145abe5ee7fde

  • SHA512

    a20fb25863ce5ea3f42c128f26e088b494ffcd7ce08fcfcbac8ebd7e1311d636d88f44e609380db78082f52609b85887394dc9f16c73ff0e1ce4dfdb6cf05f0a

  • SSDEEP

    3072:3SJJvGaIjUZHjzb83ViYx1ey0iWmWfAL/Ks+N4m8wL3hQEb4:YvGaIjUZDzSV9x1eyJ1WIL/KGm8wL3K1

Score
6/10
discovery

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/6880d1375117e338915542fa4c2c552ec76216166903d4dc176145abe5ee7fde.elf
    /tmp/6880d1375117e338915542fa4c2c552ec76216166903d4dc176145abe5ee7fde.elf
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads