General
- Target: 1c060063aa33aff7d5be3b2fadbbea44
- Size: 28KB
- Sample: 231219-2k589aahgm
- MD5: 1c060063aa33aff7d5be3b2fadbbea44
- SHA1: c43608e0f89433856965b1911c8ab3784bb560e4
- SHA256: 532e772150be62bac0323e703fcdb318395253449f20d60aa949f0d14673bf1b
- SHA512: 382b97bae6a4f0ce903d7e674b286f7bb7e4513599752333bef653b679d9fddb175191e8eeaafefc3e2bd9aad3cdad64335e33545f5ba92dad72d1bdc0622676
- SSDEEP: 768:pojR+gTBF3eCOw1eiPOFhIHhhqq4PSlWMKl:AR1F3UiP+uvqq4PSk
Malware Config
Extracted
mirai
LZRD
Targets
- Target: 1c060063aa33aff7d5be3b2fadbbea44
- Contacts a large (13165) amount of remote hosts: This may indicate a network scan to discover remotely running services.
- Modifies Watchdog functionality: Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Creates a large amount of network flows: This may indicate a network scan to discover remotely running services.
- Enumerates active TCP sockets: Gets active TCP sockets from /proc virtual filesystem.