General
Target: 98520685bcb57b1e7c903aa5b64e2d97.bin
Size: 67KB
Sample: 230502-b9f3jshd34
MD5: 0c36ed73e97aadf97c4ddf492991ad0c
SHA1: 522ed750b04dbe7ac15b5991993c7e42ad01937b
SHA256: bf501dd5a3e9982aaed53b36eab1c08a620a923bfa37f3e4f1a17490578d756e
SHA512: cea5b5ab265ab4db12f4923bc5dd245fb45981060948fee16f43d5c16689225963ab5a1210820e3c4dddbab8c3e16e16eca6f423616bcb6b8f9fab7df3055249
SSDEEP: 1536:VO7jGu3KxosmRlTpLsEBhDT7Zs7Ii+HCJcEEA:VKjBEoJT9sEBJeF+HPE7

Malware Config
Extracted
mirai
KYTON

Targets
Target: 00d9fe0a6bb4c16c51af172afcd42df3da3ac918af723d4c89465c80b74824e5.elf
Size: 68KB
MD5: 98520685bcb57b1e7c903aa5b64e2d97
SHA1: 6c7e69c20c02e498acd803863207646ef965a1fa
SHA256: 00d9fe0a6bb4c16c51af172afcd42df3da3ac918af723d4c89465c80b74824e5
SHA512: 396d9badc38762fe160985ea5e7b27e1ec4891eb20db321e28892eba46bc0491bf7b91b732566649fc435a7380b6bfb208ac6e027e0b5cb8249855c8d3cb2a63
SSDEEP: 1536:bmuRtG/R7HiIb+wkqER7/kpevPyJTD/Lh1mhIJXXwi1zqP:blw/sIWPt/+eva5bLh1mCJXX/hO

Contacts a large (81808) amount of remote hosts
    This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
    This may indicate a network scan to discover remotely running services.

Modifies the Watchdog daemon
    Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

Writes file to system bin folder

Changes its process name

Enumerates active TCP sockets
    Gets active TCP sockets from /proc virtual filesystem.

Reads system network configuration
    Uses contents of /proc filesystem to enumerate network settings.

Reads runtime system information
    Reads data from /proc virtual filesystem.