General

  • Target

    x86.elf

  • Size

    61KB

  • Sample

    230303-aav7rafa2s

  • MD5

    8db490bfff700456668ff36ad4383eb3

  • SHA1

    a1500517f25c12d52751876b47e24d0930ac9eae

  • SHA256

    5fe74e231db457c9f906a46b3a49451c3e9c98d5992564b09b29754610c19d70

  • SHA512

    38185a94884190b8e772f533688db9eb90ee7d23ca56ed0d64875066de42e32f2aac8803e9e0322f5968ed4b31a8dccbcd7645256d62d4c4994eea3b5495f265

  • SSDEEP

    1536:Z7qARubgzY/bEJy2RcpF80LDHhklv4JQC9DSW:NP+eY/bEJs/XBk9AP9l

Malware Config

Extracted

Family

mirai

Botnet

WICKED

Targets

    • Target

      x86.elf

    Score
    9/10
    • Contacts a large (71551) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.
