General
Target: 228fcc00b501ec5a064875d90d2443a5
Size: 39KB
Sample: 231219-2nlzsacadl
MD5: 228fcc00b501ec5a064875d90d2443a5
SHA1: 3a9aba9e464dc83df1cc7cf7a961170f65336bde
SHA256: 22773d53db5dbec43154b064eff33552a6c7585d73ca6fa38b9b9a9a3758fcc7
SHA512: 98852745980e63bd01bf62476726e584e54b741cebac45e74f6bc6dfb8a67ded51d82f2381d441200d8be7ea0560cbcf516b20b1930442febee4b586aa290b5f
SSDEEP: 768:LLYswiPo9qP4HpvCsV0vMNZsXdgCiQUrkqpc6wJgGlzDpxYsje:gGyqP4JvCsVVNgdHUjoVrYd
Static task
static1
Malware Config
Extracted
mirai
KYTON
Targets
Contacts a large (92204) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Writes file to system bin folder