General

  • Target

    6784c4fed3847b864eda8bef2ebe49b3

  • Size

    32KB

  • Sample

    231219-3fz24saee2

  • MD5

    6784c4fed3847b864eda8bef2ebe49b3

  • SHA1

    f0052295057f75d43dc48b4f1f7ae4f49a95ce73

  • SHA256

    86c6745ba9d80b92842d28eb03b46d5fae0e58a94528ba5b24b0501a3fdee14a

  • SHA512

    b2e51a55a71c35ed18663954eb951fec7c59062bea6e21b22173a4a15b79a7367c95cdd300ec3eb90e7f1b23ad9d979a6991994ff1b9daef88a1361713c6a27a

  • SSDEEP

    768:2XuOLbv6nyoCYRtP7Fomc4GPx6PrU9Pht1D9TMhqDwPGbHs8Oe:lO3v6yoCYDP7w48xSrU9pt7whes8O

Score
10/10

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    LARRY

  • C2

    cnc.junoland.xyz

    scan.junoland.xyz

Targets

    • Target

      6784c4fed3847b864eda8bef2ebe49b3

    Score
    9/10
    • Contacts a large (53975) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder
