Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    07ae2774caf546358cde3b9751dac02f

  • Size

    89KB

  • Sample

    231219-2b8b9aagd6

  • MD5

    07ae2774caf546358cde3b9751dac02f

  • SHA1

    2dee08f7812fe7c8d4d1ba121a635e7344a5af9c

  • SHA256

    8b33823366ce20a7246f967e542555b976e1c966d414aa71785d08b1f2cb3572

  • SHA512

    6a8e20b24345c184a91f1d1df93d4c679a3cf2bdee2cec170ca1e99cc61cf87f8690ecf355adb2017ce1b3a553d95d7bdce38e26e19d0a8b68b7c1194d70fdf0

  • SSDEEP

    1536:NYCYxrXP40ODJPwHRQ9PlzTRfyToNoZqKi:qCYxrKDJ46N7

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      07ae2774caf546358cde3b9751dac02f

    • Size

      89KB

    • MD5

      07ae2774caf546358cde3b9751dac02f

    • SHA1

      2dee08f7812fe7c8d4d1ba121a635e7344a5af9c

    • SHA256

      8b33823366ce20a7246f967e542555b976e1c966d414aa71785d08b1f2cb3572

    • SHA512

      6a8e20b24345c184a91f1d1df93d4c679a3cf2bdee2cec170ca1e99cc61cf87f8690ecf355adb2017ce1b3a553d95d7bdce38e26e19d0a8b68b7c1194d70fdf0

    • SSDEEP

      1536:NYCYxrXP40ODJPwHRQ9PlzTRfyToNoZqKi:qCYxrKDJ46N7

    Score
    9/10
    • Contacts a large (20212) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks