General

  • Target

    7557f4107ed3ed4e291577fdbf82dea5.bin

  • Size

    30KB

  • Sample

    240108-dq4evaabhk

  • MD5

    e1d710b4049b6b6dc6364c2e00e3fb64

  • SHA1

    2d9a23590031a5b90863183271e680c47bb62acb

  • SHA256

    b4bce2467d82b1cbe7ca711344503ad72bb8703bf4e7d1b483c152dbe62064ac

  • SHA512

    6431ab3d2f72f570b19073d8371265e0712cc9cfc2f0074f1c5e0348180425d2785ea0f9e151f1b3f5e4e332c8db666d8838056edb99448b50fb5dce103cfb90

  • SSDEEP

    768:C4xKBmJaTlGsr5F0gdWp3uw3TljpP+7qxa4VnZk3SDfVD/1:C4xKHlGEcHew3TldP+QNdZk3UfVL1

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets

    • Target

      d8dacd3921a016ab597a8ffcf0aaa9496b3aef0c6b8c089511a37ffc34d1518c.elf

    • Size

      31KB

    • MD5

      7557f4107ed3ed4e291577fdbf82dea5

    • SHA1

      cdd7a2d038a0eec2549ae1436ed0773d80a8f4db

    • SHA256

      d8dacd3921a016ab597a8ffcf0aaa9496b3aef0c6b8c089511a37ffc34d1518c

    • SHA512

      f09993e9c73c93187e2fc49ad4c2acc53445f2ffee0a6a6e4178272bc287e6764dbfb09b7d835d0ced91a5d65185c0ed861c2666f7b99899f27e0f3706087c3f

    • SSDEEP

      768:VO1s9gKZjYfvymcPuf3NMGq9oVNDEGCFnuwdl8FJkaVJgGlzDpbuR1JC:Ss5mraoLC/dl8FJxVJuc

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large number (70109) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

    • Deletes itself

    • Deletes system logs

      Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Deletes log files

      Deletes log files on the system.
