General

  • Target

    360-1-0x00008000-0x0002a8ac-memory.dmp

  • Size

    93KB

  • Sample

    230804-fkz7cahf54

  • MD5

    d7d6e23fe3b33beff79ccc9cd55f1fff

  • SHA1

    947536d93294d6cd9072aeb02f80f714a9359956

  • SHA256

    5df011064fa40f51ad7c60ba3eae33d28380de1ca64891eb6273fd53421af9ee

  • SHA512

    a0b52c61f487c6c6ab211224248fae22503eb6fb2817a1321f9c82081b1fae4b3d3e2ab66037d285a121515e3d31fa7377bb38a4d9c5a29d00ea74f93e31e394

  • SSDEEP

    1536:AlnvN2x7JJO9i2BdG0nA45/MbpSEt28UnLegi5vta3lMBIpllQLip0x/QU:yNJ9VBQm1m3PUnL45vta3lMLQ0xY

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

    • Target

      360-1-0x00008000-0x0002a8ac-memory.dmp

    Score: 9/10

    • Contacts a large (92125) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder
