General
Target: fedd7b9e3fb66cd8a521a5e1916696ae.elf
Size: 104KB
Sample: 230418-py23jabd83
MD5: fedd7b9e3fb66cd8a521a5e1916696ae
SHA1: 8d74dc8783724da05a20135c7225d12c68dbb2aa
SHA256: 90afe1dbb17c11ff9bc870842bcda7d9829a996b4f40de6a40e1235ce9d15fba
SHA512: ce03cc85fb2c31c130212e9c37f64d4086a59a31ee72bb2076b0c37ec1f5d44a2842067dbcdca8dbe4d8c5c1412bf4177f8c6d4ef8f7f946cd9ca1b57de92411
SSDEEP: 3072:olhUX+jP9NWjVzH4hh+d2TBvMt9M/9QhMeF:oUujPWjVzH0hPvMXM/9QhMeF
Behavioral task: behavioral1
Sample: fedd7b9e3fb66cd8a521a5e1916696ae.elf
Resource: debian9-armhf-20221111-en
Malware Config
Extracted
mirai
BOTNET
Targets
Score: 9/10

Modifies the Watchdog daemon
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

Contacts a large number (1493) of remote hosts
This may indicate a network scan to discover remotely running services.

Reads runtime system information
Reads data from the /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.