General

  • Target

    bimbo-arm7.elf

  • Size

    117KB

  • Sample

    250328-gpaypasvhs

  • MD5

    8a9bef3b034477a2a8918c294fdd1b98

  • SHA1

    39804a46b96d367ed3347ca49d621089dd4ad07a

  • SHA256

    67b9093116482df90590806ce4e460a5cb4d5a543b31bd77cd0162c6ef12b482

  • SHA512

    02ea956ee795103a64cd46efdb20a3b2add180386c8114167450506f0d388c7024affe83f5381c2f8a6203332eca5edf11ed0ee6f4cbd700c5db467fb9e15986

  • SSDEEP

    3072:a4wJlv7fsqbB/i2fHVL6XMH/+BM/9n3+3:a4wJBtbB/i2f1LTH/IM/9n3+3

Targets

    • Target

      bimbo-arm7.elf

    • Contacts a large (424808) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Reads process memory

      Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
