General

  • Target

    bok.mips.elf

  • Size

    35KB

  • Sample

    230319-y7t8qaca8z

  • MD5

    e6df40d7a8466659262ba7ccedcde3f3

  • SHA1

    02149fef9322b9d27d4f524f695530312318cb9a

  • SHA256

    29ccf8a259158899ed74ae8ed63b9dc78a7a42a38c775f907426829c22dadb45

  • SHA512

    38591aa9a60b16458b63566c0766387a3bb4e1ff8f1b308f20d3ba1729b78c9e8528a808d4e431cd2e6be75dc1b6a1bfe05a0115653599857caeb444e6d6bee4

  • SSDEEP

    768:elMB/UAIKEfqGrWwGUezx0ip2bT5oApNyBhvtsr1RzeyjsQ7SO0RJgGlzDpbuR16:eiBsAIurwGXxobloAybvtORz9jF4VJu2

Score
9/10

Malware Config

Targets

    • Contacts a large (44792) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies the Watchdog daemon

      Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
