General
Target: 5550866e5e1fa4166d1355ea1c7db587
Size: 44KB
Sample: 231219-29bqyaffe5
MD5: 5550866e5e1fa4166d1355ea1c7db587
SHA1: e240ab47c174633b0c7dde15e598d94debcd25dc
SHA256: fbee966ac3095c6d829c40d94e494fcbe9bd5d4c7aab8d58e6371e45739bc98b
SHA512: a243f2530907252135fb8d7d19cca02f3ff775e594ac22245438c0c47214ef3792d4ae7473a3b87987c277b405f0a100de69c2d0ea683e30d3394a23177394cc
SSDEEP: 768:WqQFxEieXEEbIG4McZyntYJlAwuq3U0Lc1Sez8jy+XI1FmMs:3QFxTeXEs4LMntYvfO82+41QT
Static task
static1
Malware Config
Extracted
mirai
LAYER
Targets
-
Contacts a large (20114) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-