General
-
Target
5abd010173344a62edefeb0f90c1f8dc
-
Size
141KB
-
Sample
231219-3bb5gsged7
-
MD5
5abd010173344a62edefeb0f90c1f8dc
-
SHA1
fa7d7cb573b02e8c05ebfdd12e19a933370a8e94
-
SHA256
680c4bfce1d363a1427f7dfb7aef05af51b05d97d992022c13b39401bc6ee4c0
-
SHA512
e2918cfeb3cd6815cd74affcc00cc2a22ed85bc85ca29112eb263b29878a83427d6e86a8c0ab12ec029d14a02ce2fd7d3904499107ae8fdb768d629fdcc87c28
-
SSDEEP
3072:walgM69pe0QmlTvIUdt9mrsplDKZUQQBKXAVanXX+F8JyvSPhLZ85iBMR6yoC1Qa:walgM69pe0QmlTvI8t9mrsplDKZUQQBr
Behavioral task
behavioral1
Sample
5abd010173344a62edefeb0f90c1f8dc
Resource
debian9-armhf-20231215-en
Malware Config
Extracted
mirai
LZRD
Targets
Target
5abd010173344a62edefeb0f90c1f8dc
Score
9/10
-
Contacts a large (19947) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-