Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

morte.arm7.elf

debian-9-armhf

10

Analysis

  • max time kernel
    143s
  • max time network
    144s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240729-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240729-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    11/03/2025, 23:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    morte.arm7.elf

  • Size

    39KB

  • MD5

    ce5a9bee9568047d043f330697053c25

  • SHA1

    44ec01558061f8b9ad2145042823e03233108610

  • SHA256

    9861b400468bcf2be32f7a563df42f94cf820d10063e70a713ad39698bcc8a9c

  • SHA512

    e26f7d340abdc4cb2abadaf767698d1643e2c9f4ad2379a98315cb6a369bccceb5d7845f3f26d436126c07aa580b3b21d265b7de5f22c8fb2035ed175cbb0a87

  • SSDEEP

    768:MHEh4FYdBvEB7btr2H+9q3UELtKmo2IEzdxwnFu6:Mkh4GdBv0cjLMmoWEnFH

Score
10/10
mirailzrdbotnetdefense_evasiondiscovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/morte.arm7.elf
    /tmp/morte.arm7.elf
    1⤵
    • Modifies Watchdog functionality
    • Reads runtime system information
    PID:660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads