Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

a261c9fadb...2f.elf

debian-9-armhf

6

Analysis

  • max time kernel
    149s
  • max time network
    160s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    19/02/2025, 05:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a261c9fadbee8b5081f7676fb252ae5b28b758cafec5b9d6b85622539b11c82f.elf

  • Size

    161KB

  • MD5

    257418576e8a4e2cd65c16c0b636c2af

  • SHA1

    bb88696ad5eefa960e4710ee42af7292670480d1

  • SHA256

    a261c9fadbee8b5081f7676fb252ae5b28b758cafec5b9d6b85622539b11c82f

  • SHA512

    8f914595ee4232feea774c76d2ab5c94399cefe877bfb728e14dfe82b4951bfdf28162c050672ee0cfdb20b744e2cd6533b8a22d11eb6f44e5e9c3ce6ee51543

  • SSDEEP

    3072:8R2AYPY3B3En760r3m/vW2K2Gpvzzv/sdbSDPYSIdkiQWBkG1mZCwQufizQd17:8LyPckiQWBmZCwQufizQd17

Score
6/10
discovery

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Changes its process name 1 IoCs
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/a261c9fadbee8b5081f7676fb252ae5b28b758cafec5b9d6b85622539b11c82f.elf
    /tmp/a261c9fadbee8b5081f7676fb252ae5b28b758cafec5b9d6b85622539b11c82f.elf
    1⤵
    • Reads system routing table
    • Changes its process name
    • Reads system network configuration
    PID:660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads