General

  • Target

    07ae2774caf546358cde3b9751dac02f

  • Size

    89KB

  • Sample

    231219-2b8b9aagd6

  • MD5

    07ae2774caf546358cde3b9751dac02f

  • SHA1

    2dee08f7812fe7c8d4d1ba121a635e7344a5af9c

  • SHA256

    8b33823366ce20a7246f967e542555b976e1c966d414aa71785d08b1f2cb3572

  • SHA512

    6a8e20b24345c184a91f1d1df93d4c679a3cf2bdee2cec170ca1e99cc61cf87f8690ecf355adb2017ce1b3a553d95d7bdce38e26e19d0a8b68b7c1194d70fdf0

  • SSDEEP

    1536:NYCYxrXP40ODJPwHRQ9PlzTRfyToNoZqKi:qCYxrKDJ46N7

Score: 10/10

Malware Config

Extracted

  • Family: mirai
  • Botnet: LZRD

Targets

    Score: 9/10

    • Contacts a large number (20212) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
