General
Target: 36510x000080000x000338a8m.dmp
Size: 129KB
Sample: 230709-san3jsdd92
MD5: 5f87d08be4faff9241a24a1647e11e0c
SHA1: 94dcbd2650a36fd854cf771347196ec5b184cb36
SHA256: bdee46c33687faf5ac2e2f01b0dec099e6a2ac29f2aff86f63c8f19bc2a52493
SHA512: 9315d6eadcb6c72ab4b5f008a7f124d7501208bb919bed6f9130cad0804313790f250322189619fb984e9177b396ad87c820e52cc951ccae85c878f1321f8e30
SSDEEP: 3072:fNFR7VkQCpUlxFjKIWE5H09mrsplDKZUqQBKXAVanSX+F8JyvZovhL+ABH9G06gn:fNvz0UlxltWE5H09mrsplDKZUqQBKXAH
Behavioral task: behavioral1
Sample: 36510x000080000x000338a8m.dmp
Resource: debian9-armhf-20221125-en
Malware Config
Extracted
mirai
UNST
Targets
Target: 36510x000080000x000338a8m.dmp
Score: 9/10
Contacts a large (20205) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-