Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    36510x000080000x000338a8m.dmp

  • Size

    129KB

  • Sample

    230709-san3jsdd92

  • MD5

    5f87d08be4faff9241a24a1647e11e0c

  • SHA1

    94dcbd2650a36fd854cf771347196ec5b184cb36

  • SHA256

    bdee46c33687faf5ac2e2f01b0dec099e6a2ac29f2aff86f63c8f19bc2a52493

  • SHA512

    9315d6eadcb6c72ab4b5f008a7f124d7501208bb919bed6f9130cad0804313790f250322189619fb984e9177b396ad87c820e52cc951ccae85c878f1321f8e30

  • SSDEEP

    3072:fNFR7VkQCpUlxFjKIWE5H09mrsplDKZUqQBKXAVanSX+F8JyvZovhL+ABH9G06gn:fNvz0UlxltWE5H09mrsplDKZUqQBKXAH

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

UNST

Targets

    • Target

      36510x000080000x000338a8m.dmp

    • Size

      129KB

    • MD5

      5f87d08be4faff9241a24a1647e11e0c

    • SHA1

      94dcbd2650a36fd854cf771347196ec5b184cb36

    • SHA256

      bdee46c33687faf5ac2e2f01b0dec099e6a2ac29f2aff86f63c8f19bc2a52493

    • SHA512

      9315d6eadcb6c72ab4b5f008a7f124d7501208bb919bed6f9130cad0804313790f250322189619fb984e9177b396ad87c820e52cc951ccae85c878f1321f8e30

    • SSDEEP

      3072:fNFR7VkQCpUlxFjKIWE5H09mrsplDKZUqQBKXAVanSX+F8JyvZovhL+ABH9G06gn:fNvz0UlxltWE5H09mrsplDKZUqQBKXAH

    Score
    9/10
    • Contacts a large (20205) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v6

Tasks