Analysis
max time kernel: 31s
max time network: 150s
platform: ubuntu-24.04_amd64
resource: ubuntu2404-amd64-20240523-en
resource tags: arch:amd64, arch:i386, image:ubuntu2404-amd64-20240523-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
submitted: 04/03/2025, 11:06
General
Target: x86.elf
Size: 77KB
MD5: 673312a3721499b5b663dcb776caddd5
SHA1: 6151a4f862d0ac1012b77c71232ddb6966bdad6f
SHA256: 6d0ffbd5b42d212b87f8fbfcda5e4d26a7889182d53045f96d7b472aeccdbd9c
SHA512: a50a72610dba89a7ffcd4435395afc93e119c0132d22ed28067e91fdc5ce742c8fa3a453d49256aba735153ef748be2e72748b02c8a4548d9425555e5247c7a4
SSDEEP: 1536:n8bw//RzreZ6ldbGzoFTgmxEyYXZsoLWtwBvlIlXtM7ufYAeNcKEPcOKAuuvmM:n7//tyZ6ldbGzoFTgmx6ZsoStwBvlIlS
Malware Config
Signatures
Contacts a large (48826) amount of remote hosts (1 TTPs)
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows (1 TTPs)
This may indicate a network scan to discover remotely running services.

Loads a kernel module (64 IoCs)
Loads a Linux kernel module, potentially to achieve persistence
pid Process
2540 x86.elf
2537 x86.elf