Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    a47bbd550841be1a1641820d6eab494d

  • Size

    52KB

  • Sample

    231220-mmv4qsafaj

  • MD5

    a47bbd550841be1a1641820d6eab494d

  • SHA1

    ddf806ebc9b7a54dd11170838b8d0d4d34194654

  • SHA256

    45c93d2d393a625a7f0802fd0a9b925de683aab9b632dfd2ce90716cd1e26da1

  • SHA512

    9bd9557040c58312250bd7ecc77609803e9d2578f3fb8fc35d72daf734545c753a20822717246c9758ba060136c6c42f70bae24be6f95ccd2f24bf231cca592a

  • SSDEEP

    1536:XVBCnVHnld0RYdRtbi/Sliu4LEan7wM3LO8:by9n8YdTi/XLP7/LP

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      a47bbd550841be1a1641820d6eab494d

    • Size

      52KB

    • MD5

      a47bbd550841be1a1641820d6eab494d

    • SHA1

      ddf806ebc9b7a54dd11170838b8d0d4d34194654

    • SHA256

      45c93d2d393a625a7f0802fd0a9b925de683aab9b632dfd2ce90716cd1e26da1

    • SHA512

      9bd9557040c58312250bd7ecc77609803e9d2578f3fb8fc35d72daf734545c753a20822717246c9758ba060136c6c42f70bae24be6f95ccd2f24bf231cca592a

    • SSDEEP

      1536:XVBCnVHnld0RYdRtbi/Sliu4LEan7wM3LO8:by9n8YdTi/XLP7/LP

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large (20283) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks