General
Target: a47bbd550841be1a1641820d6eab494d
Size: 52KB
Sample: 231220-mmv4qsafaj
MD5: a47bbd550841be1a1641820d6eab494d
SHA1: ddf806ebc9b7a54dd11170838b8d0d4d34194654
SHA256: 45c93d2d393a625a7f0802fd0a9b925de683aab9b632dfd2ce90716cd1e26da1
SHA512: 9bd9557040c58312250bd7ecc77609803e9d2578f3fb8fc35d72daf734545c753a20822717246c9758ba060136c6c42f70bae24be6f95ccd2f24bf231cca592a
SSDEEP: 1536:XVBCnVHnld0RYdRtbi/Sliu4LEan7wM3LO8:by9n8YdTi/XLP7/LP
Malware Config
Extracted
mirai
MIRAI
Targets
Target: a47bbd550841be1a1641820d6eab494d

Contacts a large (20283) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.

Enumerates running processes
Discovers information about currently running processes on the system.