Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
371-1-0x00008000-0x0002c818-memory.dmp
-
Size
101KB
-
Sample
230710-f9y1ksgg79
-
MD5
bcceeed8dc2385bf7be9d7792bcdc920
-
SHA1
b293ea91243192416ef85a3a33a51a29f5ac0509
-
SHA256
c1c5d0abc1328626587743298f4f87a63205f47a893578881b0b7312e8d11e81
-
SHA512
e34e1788cd7deadf008055e744ccef3a600aa4e22bed3471e9819ae66776bbafefc520fcea408efce3098f0151b9c26da8f58ec2291589589a82d71d3b64624e
-
SSDEEP
3072:xO+02yNCgsCwXBQHzIv10yw9mrsplDKZUjQBKXAVanrX+F8Jyvu7hLR8jg8r7tZL:xO+02yNCgsCwXBwzIvGyw9mrsplDKZUk
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
371-1-0x00008000-0x0002c818-memory.dmp
-
Size
101KB
-
MD5
bcceeed8dc2385bf7be9d7792bcdc920
-
SHA1
b293ea91243192416ef85a3a33a51a29f5ac0509
-
SHA256
c1c5d0abc1328626587743298f4f87a63205f47a893578881b0b7312e8d11e81
-
SHA512
e34e1788cd7deadf008055e744ccef3a600aa4e22bed3471e9819ae66776bbafefc520fcea408efce3098f0151b9c26da8f58ec2291589589a82d71d3b64624e
-
SSDEEP
3072:xO+02yNCgsCwXBQHzIv10yw9mrsplDKZUjQBKXAVanrX+F8Jyvu7hLR8jg8r7tZL:xO+02yNCgsCwXBwzIvGyw9mrsplDKZUk
Score9/10-
Contacts a large (20559) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-