General

  • Target

    6916f47a88f2bc37aa09c7035793ae4e

  • Size

    64KB

  • Sample

    231219-3gl7msgacj

  • MD5

    6916f47a88f2bc37aa09c7035793ae4e

  • SHA1

    2e475fda95e8f2989a66316c7274981ea87d7fbf

  • SHA256

    ceec67659e83a609c7c303e24a0efbcc93bf02e2137607ca22030680e769f034

  • SHA512

    8c4dfb5542c42a9035eba4176fa293ffe7ba603efb0fe216758f38c079c352317946df8c56a85c84c87bc2e05ed9b54fa87d60964f2030c9f98cc5e3e30df800

  • SSDEEP

    1536:IIG9170vwHbQXZ5+qXDEuXi9aBSW7V/DjObeFt6PuQ4ZO:I917iwHbQXZ5+qXA59eSWZ/XObeb6GZZ

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    Score
    9/10
    • Contacts a large (20638) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
