Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

pecga.arm5.elf

debian-9-armhf

7

Analysis

  • max time kernel
    145s
  • max time network
    159s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    16/01/2025, 18:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pecga.arm5.elf

  • Size

    71KB

  • MD5

    b50cf2aa5d51254555d95a2d3bb0260c

  • SHA1

    8f429d3ac7fe4e7c7d8759a1b35670b1479d5482

  • SHA256

    76902492ec92ee429c17602088f826cfefa6519c529ee948bdc621809e4f5247

  • SHA512

    eb0062298003afb9ae14b92c37f63185ed25f18ad5260603034487c2e2594b12ab3ad8bebf4975fcc2a090d6b644eaea2cba76cad3a9c5caad30092e99fbe108

  • SSDEEP

    1536:cBR8D6qP2t5eOD6ilbYp3WpyeGqF1v+XE5obk:cBtD6QbY2yeGgmXRb

Score
7/10
defense_evasion

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Writes file to system bin folder 2 IoCs
  • Changes its process name 1 IoCs

Processes

  • /tmp/pecga.arm5.elf
    /tmp/pecga.arm5.elf
    1⤵
    • Deletes itself
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Changes its process name
    PID:642

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads