General
Target: 774c83dc5d3445606dd21463e6944dd2
Size: 211KB
Sample: 231220-bfgrzsgeh7
MD5: 774c83dc5d3445606dd21463e6944dd2
SHA1: 118852631b0d7ed83e65b2a6f8224740e7443ef4
SHA256: 4f9e162882aa0d8619c7d8f391075d29bf656e943ea9eed7ef7a586dbbc59842
SHA512: 851ebfa3269b54fd85df8d2bedb4580c0016f7683b443553bf8a0f3e7e72cf48662e962185b44cfb3ec6dc504a622eb4b6b5fa6d3fdf6725200353d8235dd9ec
SSDEEP: 3072:fhahz/4OQTeCJllo1yFIUEPM7V7Fqm7e1H1TXhkmU8h2aAOJHJZNJ:QFC1ogF5pU1H1rhkmU8h2aAOJHJZNJ

Behavioral task: behavioral1
Sample: 774c83dc5d3445606dd21463e6944dd2
Resource: debian9-mipsbe-20231215-en

Malware Config
Targets
Target: 774c83dc5d3445606dd21463e6944dd2
Score: 9/10

Contacts a large (50158) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Reads system routing table
Gets active network interfaces from /proc virtual filesystem.