Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

parm7.elf

debian-9-armhf

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    23/03/2025, 21:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    parm7.elf

  • Size

    57KB

  • MD5

    54df6b48d75c9577b17343f47d909729

  • SHA1

    02ede141fc2e93e0aeb2c885517cfade324acc55

  • SHA256

    6ac918962c801644c0a8773801657cdee81180ae46a417f7171ac196e9a84856

  • SHA512

    89aaa5a55a46e093a49f55fd52054830d8353e210b9e29855a57de4c1bec6c3f3d0aeb3959c181324656cb3d71b3d894a4805c80aaf575b65900a9dff284f9fd

  • SSDEEP

    768:e9SZLq7S4tG8w+LrjGEsJwTptVGqB7oOzAjlmI79U9q3UELiNwj8/5XDWBYVt6uD:ePS4tG8FL/+wTpnv2UilmIPLCYYH9rX

Score
10/10
miraimiraibotnetdefense_evasiondiscovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Changes its process name 1 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/parm7.elf
    /tmp/parm7.elf
    1⤵
    • Deletes itself
    • Modifies Watchdog functionality
    • Changes its process name
    • Reads runtime system information
    PID:660

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads