Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    952014eb9bcfa14e6c950a9592e3fe5d

  • Size

    29KB

  • Sample

    231220-kbge4abhem

  • MD5

    952014eb9bcfa14e6c950a9592e3fe5d

  • SHA1

    876ebc3b879768602f577517a2ea2fb1cb0880b3

  • SHA256

    b55a742e282ad7e21f04d5c411a52201064ff22a8023d2d44957d683bffaa105

  • SHA512

    74874ac0965e697b59cf7d2591ae6bb7b4fefced016fe418e0fbdf404cccf6981251c7db4593623344f4732c4cc5c6dfa4eedf3dfd2a70f86ee580eaefd51048

  • SSDEEP

    768:WsUBacyByf/2KXyaeeDpV6JxY3BGEbOorjOs3UozP:WsA/20yalvRBGEb5LzP

Malware Config

Extracted

Family

mirai

Botnet

UNST

Targets

    • Target

      952014eb9bcfa14e6c950a9592e3fe5d

    • Size

      29KB

    • MD5

      952014eb9bcfa14e6c950a9592e3fe5d

    • SHA1

      876ebc3b879768602f577517a2ea2fb1cb0880b3

    • SHA256

      b55a742e282ad7e21f04d5c411a52201064ff22a8023d2d44957d683bffaa105

    • SHA512

      74874ac0965e697b59cf7d2591ae6bb7b4fefced016fe418e0fbdf404cccf6981251c7db4593623344f4732c4cc5c6dfa4eedf3dfd2a70f86ee580eaefd51048

    • SSDEEP

      768:WsUBacyByf/2KXyaeeDpV6JxY3BGEbOorjOs3UozP:WsA/20yalvRBGEb5LzP

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large (20430) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks