Analysis

  • max time kernel
    149s
  • max time network
    147s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf image:debian9-armhf-20240418-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    23/03/2025, 11:12

General

  • Target

    arm7.elf

  • Size

    52KB

  • MD5

    f8284f514b6ad487a92b1c0703d552a8

  • SHA1

    4086f18ae54e26c5a11de66def6877ef0b252b79

  • SHA256

    e1d66b1b928c923215c1ce79d895fe086edb63d347993379122513236d99b2e9

  • SHA512

    780b4a2cb7dd19c735cada0fe70e6ab7cfbb4fc21bdc1324d6ab32435feff94198c4cee5f1e3bd39f5e11fb04a3c777a496dac776199091d0321b2648d7bdeac

  • SSDEEP

    1536:sOup5EcrTpTwFSznV/aZ1L2LdCi9/zd2b:sOup5EcrT6FSznV/aZ1L24Wdu

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Changes its process name 1 IoCs
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/arm7.elf
    /tmp/arm7.elf
    • Deletes itself
    • Modifies Watchdog functionality
    • Changes its process name
    • Reads runtime system information
    PID:643

Network

MITRE ATT&CK Enterprise v15
