Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

629ce101e1...db.elf

debian-9-armhf

10

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    24/03/2025, 06:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    629ce101e1d8030a62f520be07330e22430ca4433f2d7bb1af8ff208be9126db.elf

  • Size

    27KB

  • MD5

    34539878e0690ca404966bbc089aafbc

  • SHA1

    81912ea12dd9258400f5fcce7d9301bc3086ca38

  • SHA256

    629ce101e1d8030a62f520be07330e22430ca4433f2d7bb1af8ff208be9126db

  • SHA512

    857832305482bf0efd317fb3d37a1903e9d4abf6d90b7e395cd3e2b31b43a82f241491422e5ad01942ac5701d53057576a9c1b56e40ab3f1c2ac4d589a71e07d

  • SSDEEP

    768:IX/zz8QigUIKe+ItNOFAgE+xkPnes3Uozi:IvmIKa7F1/Dzi

Score
10/10
miraimiraibotnetdefense_evasiondiscovery

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Changes its process name 1 IoCs
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/629ce101e1d8030a62f520be07330e22430ca4433f2d7bb1af8ff208be9126db.elf
    /tmp/629ce101e1d8030a62f520be07330e22430ca4433f2d7bb1af8ff208be9126db.elf
    1⤵
    • Deletes itself
    • Modifies Watchdog functionality
    • Changes its process name
    • Reads runtime system information
    PID:656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads