General

  • Target

    6a5689b1be862b89400d46b570ad3feb.bin

  • Size

    65KB

  • Sample

    230325-bv46tsad77

  • MD5

    5bf5843bf494163e02695a411d9e40c2

  • SHA1

    bc6bda69e910805e9753e6813cdd3830eb5ad642

  • SHA256

    96dcd72b44016a049ab24454bc78966dfba63af713e25987dac73cf0c0a1a122

  • SHA512

    30806da20a4615be976e059b140fbe461b9f07682fbc2df656b55cf5e60b43d9a043dfd34f84279a5a17a07f2ffc8ae5908068f71ffbffabaa71f32cdc023845

  • SSDEEP

    1536:iIyS1NsqJlLCmQbD3Mbv65wloEG744wbkjIGoXGKdNtwPrDQLr:iIXN9T+mjvDEYmIG8RQrDQLr

Score
10/10

Malware Config

Extracted

Family

mirai

C2

admin.duc3k.com

Targets

    • Target

      fd7509992d90badb4cb42623cbbfe8f9c63607faa4025d91ce5b528014f9d73e.elf

    • Size

      145KB

    • MD5

      6a5689b1be862b89400d46b570ad3feb

    • SHA1

      2945ca4fc1ae7fc92fd8249e8c206eea0a4cd1ea

    • SHA256

      fd7509992d90badb4cb42623cbbfe8f9c63607faa4025d91ce5b528014f9d73e

    • SHA512

      2898432caaafac8034de360da5f3c1d045aa13e5c4175aa49bddd94172c35a7c590c9de324e34f7b025de70a82075d12b9287ef6f779f7a08b76c377294929a9

    • SSDEEP

      3072:JLUTTSmaa9Fh8wBIBpne4OiKd3h3GSxQcM/9JUcuc/:JLGaa9Fh8wBILneNth3GSrM/9JUy/

    Score
    9/10
    • Contacts a large (34546) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies the Watchdog daemon

      Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder

    • Reads runtime system information

      Reads data from /proc virtual filesystem.
