General
Target: 952014eb9bcfa14e6c950a9592e3fe5d
Size: 29KB
Sample: 231220-kbge4abhem
MD5: 952014eb9bcfa14e6c950a9592e3fe5d
SHA1: 876ebc3b879768602f577517a2ea2fb1cb0880b3
SHA256: b55a742e282ad7e21f04d5c411a52201064ff22a8023d2d44957d683bffaa105
SHA512: 74874ac0965e697b59cf7d2591ae6bb7b4fefced016fe418e0fbdf404cccf6981251c7db4593623344f4732c4cc5c6dfa4eedf3dfd2a70f86ee580eaefd51048
SSDEEP: 768:WsUBacyByf/2KXyaeeDpV6JxY3BGEbOorjOs3UozP:WsA/20yalvRBGEb5LzP
Malware Config
Extracted
mirai
UNST
Targets
-
Contacts a large (20430) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-