Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

a38a66676a...09.elf

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    137s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    06/03/2025, 04:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a38a66676a08b2c8e99298454ba7b1fa8822218e18af854336eea6309dbad509.elf

  • Size

    106KB

  • MD5

    dde578018406f1ea3f78a66813188666

  • SHA1

    d1051e74e3b009a6c2f3d1786e6d337a265e9a0e

  • SHA256

    a38a66676a08b2c8e99298454ba7b1fa8822218e18af854336eea6309dbad509

  • SHA512

    41bfc3e8fdf1b3ae374211baebda8e7e4784c832a43bdbd1717da5ce320cfcbb5f144ba81b6e085c78f142e933ad9e87aeee17f92ff691a7d39c6a9cff4b0d16

  • SSDEEP

    3072:3FCb8pQnX/uV7eT7IOmClGhweF58WvOQ:1Cb8pQnX/uV74ECoT5vT

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 5 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/a38a66676a08b2c8e99298454ba7b1fa8822218e18af854336eea6309dbad509.elf
    /tmp/a38a66676a08b2c8e99298454ba7b1fa8822218e18af854336eea6309dbad509.elf
    1⤵
    • Loads a kernel module
    • Writes file to tmp directory
    PID:2866

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads