Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

main_arm7.elf

debian-12-armhf

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    03/02/2025, 20:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    main_arm7.elf

  • Size

    177KB

  • MD5

    ce8f7b7fa7439215ffa7867af7575ccc

  • SHA1

    fb278594c6d48cb6d51ee7c1b616d206b4e1c848

  • SHA256

    27d11ab9458ce1c255ad83128518acd08a566a0579d91b44124645f27424aa25

  • SHA512

    3391699424386efd31c18f6991f21ea12bf01b2ea98307b716fceb4b9ef5edaf0eaddd90fae5033b798c00443d65eb3533ccd90c47ba4d666865c5f574c36e17

  • SSDEEP

    3072:OzeSvtfp84oALv2eEQakGzORuGMzw99Lld38YhTfYo+M/RM+FDhdLn:2eSvJZoA7TEQakGzORuBGLld38+x+M/z

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Traces itself 2 IoCs

    Traces itself to prevent debugging attempts

  • Changes its process name 1 IoCs
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/main_arm7.elf
    /tmp/main_arm7.elf
    1⤵
    • Deletes itself
    • Traces itself
    • Changes its process name
    • Writes file to tmp directory
    PID:709

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads