General
Target: 1ebdbe21b35f5bb1291773961dbabdfd
Size: 93KB
Sample: 231219-2mav5aegb2
MD5: 1ebdbe21b35f5bb1291773961dbabdfd
SHA1: 78fa89f8377be1a2d0f03810f9dbe069b1a5338b
SHA256: 38afb5ddaec4ece8409e6f83e1156e04e4237dce90be988f6ce4c7c1f8be8279
SHA512: fe57b374239a501e5c6c2e53ee5d3375ffc0e540c4eaee19b58b6b4f2aa17119b700f91535522f578ff247bba10b87af84f0e4fdf71030415cc06f44bd2d00e1
SSDEEP: 1536:vrHvYp48JxAGhXG5SbPvFYdX2tUv+Piwl6+dwqe7AZWmlQy5HKKPXRNKQHRsMJPp:7vB8JxA0XRMqe7UWmlQaKKPXRNKQxsMn
Behavioral task: behavioral1
Sample: 1ebdbe21b35f5bb1291773961dbabdfd
Resource: debian9-mipsbe-20231215-en
Malware Config
Extracted
mirai
MIRAI
darkdnsnet.duckdns.org
darkdnsscan.duckdns.org
Targets
Target: 1ebdbe21b35f5bb1291773961dbabdfd
Score: 9/10
Contacts a large (16649) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-