General
Target: xd.x86.elf
Size: 29KB
Sample: 230606-hcb6nacc79
MD5: 27cdb18684ed957621948517c76d12b4
SHA1: 6a1fa30eeb323c224128ad2d70051163349cea59
SHA256: c978005c04128657771c35425d201cd7a1438b7a2e0ab4eb75a2bcc452e78e78
SHA512: 0aeae8bd73b9ffab19e0b3221a828c604e4f6deb81cc6b7669a8f5f8823ece81e337199b2ebaf34e57740c3f92a90e6514cad498d8cebce7583f8f8550fed6e2
SSDEEP: 768:UN8f6tfoQmQAXV7E1QDvjnVAiSZd8H0GuOZk3WHSwqM:IMJXFl7IQjU6uj6

Malware Config
Extracted
mirai
LZRD
Targets
Contacts a large (20130) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Enumerates running processes
Discovers information about currently running processes on the system