Analysis

  • max time kernel
    144s
  • max time network
    148s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240522.1-en
  • resource tags
    arch:amd64, arch:i386, image:ubuntu2204-amd64-20240522.1-en, kernel:5.15.0-105-generic, locale:en-us, os:ubuntu-22.04-amd64, system
  • submitted
    16/01/2025, 18:37

General

  • Target

    pecga.x86.elf

  • Size

    61KB

  • MD5

    913353db54854e8de108c656223a345f

  • SHA1

    30343e7bacc996d0d019e4c9f5cd6207e3c74d8e

  • SHA256

    09f5d05ae9ecfefa189d7d0181823d653cba059429bf2431113d6cdf32ecb4b4

  • SHA512

    14cea14214f056929358fea1fda96557341b2a536b53560b49544615497032a067c2ca9924ccb3ca3898c8cf7e9c8850f40936f8ebf0959d784189d362d430ff

  • SSDEEP

    1536:kBGfyT5OGMMt4cesUTeFIv5TzHhyn10okMUIjOepn2w:kcaT5OGMMtmaATzBGaZMdKan5

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 2 IoCs
  • Changes its process name 1 IoCs

Processes

  • /tmp/pecga.x86.elf
    /tmp/pecga.x86.elf
    • Deletes itself
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Changes its process name
    PID:1553

Network

MITRE ATT&CK Enterprise v15
