General
Target: 8629dcac030a30891848d1c42d65b7ef
Size: 573KB
Sample: 231220-fq3jnagah9
MD5: 8629dcac030a30891848d1c42d65b7ef
SHA1: e25f950d7deb39639eb39322bed9b1f6e259ff7d
SHA256: 79fbccdd13c18356ec8db2de02289fa3dee6b9f8c6ea4576543984439de0eb47
SHA512: ea5cba6f7110e88ad423317f7878eb0515e41d4cedf7a4bae02e7c862abd669539011d3336cdb532f1db33efeea6cc5118d9c3bd0685b3d153143ee19055c0c7
SSDEEP: 12288:KzdIqiPzRCmzDWr2YZRMjE0ez34kLJGRuk6rpKbu72Ogm6YQ2VVwHe876/+ZVUTZ:vzmibKf
Behavioral task: behavioral1
Sample: 8629dcac030a30891848d1c42d65b7ef
Resource: ubuntu1804-amd64-20231215-en
Malware Config
Extracted: mirai, ECHOBOT
Targets
Score: 9/10

Contacts a large (1479737) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Enumerates running processes
Discovers information about currently running processes on the system.