General
-
Target
347-1-0x00400000-0x0045de6c-memory.dmp
-
Size
94KB
-
Sample
231103-bg4m5shg6x
-
MD5
75b559b8aec936b710ce5d5655eb09e1
-
SHA1
874740af6fc77899e1d5f8a2b75b21994b2c7073
-
SHA256
a3f84b81777e477d76459623d37b4fb5cfdd52e19c59b3fd0993c9e6b42dac72
-
SHA512
f8d8e70048b2db1e4331c621c112ddc286735dca7f1e52c42ef1a6a6a601d398b9a32452053b9e8c87a5a26f9a4e0023c13a53372ba0aeea82aecceddcfea9b8
-
SSDEEP
1536:wcizN5U1BwGYoyAiJL5e3ZFBA8M1L2pvMYW1OSKNgv:w3puA5e3VXEOSKev
Behavioral task
behavioral1
Sample
347-1-0x00400000-0x0045de6c-memory.dmp
Resource
debian9-mipsel-20231026-en
Malware Config
Extracted
mirai
KYTON
Targets
Target
347-1-0x00400000-0x0045de6c-memory.dmp
Score
9/10
-
Contacts a large (110780) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Changes its process name
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Writes file to system bin folder
-