Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    skyljnearm7elf.elf

  • Size

    198KB

  • Sample

    240110-x5376segaj

  • MD5

    9931b0649bfc4996f3ff4e8d202eb60e

  • SHA1

    b8b50180d30720a3eeaf933b5fabb1ce2718df49

  • SHA256

    79ebb17616415d931b650b87f4fca70ddb899b21cb60783cfcf4b53068398350

  • SHA512

    bb9397ef2599476c3685a756ebeb6ef92a66002f2d192486684c445aba40379a5aa364b6bc803a30e722864c5797ffd74408fe06706701698ea6b204623bb32b

  • SSDEEP

    3072:kj5NOAkPeywZQa7a4IOaxCeiIcbD9I0xBtIOFOaD9otM/RhwN/:u58yQamLOaxCeiIc3VBFFO2KtM/Rho

Score
10/10

Malware Config

Extracted

Family

mirai

C2

bngoc.skyljne.click

Targets

    • Target

      skyljnearm7elf.elf

    • Size

      198KB

    • MD5

      9931b0649bfc4996f3ff4e8d202eb60e

    • SHA1

      b8b50180d30720a3eeaf933b5fabb1ce2718df49

    • SHA256

      79ebb17616415d931b650b87f4fca70ddb899b21cb60783cfcf4b53068398350

    • SHA512

      bb9397ef2599476c3685a756ebeb6ef92a66002f2d192486684c445aba40379a5aa364b6bc803a30e722864c5797ffd74408fe06706701698ea6b204623bb32b

    • SSDEEP

      3072:kj5NOAkPeywZQa7a4IOaxCeiIcbD9I0xBtIOFOaD9otM/RhwN/:u58yQamLOaxCeiIc3VBFFO2KtM/Rho

    Score
    9/10
    • Contacts a large (86557) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Changes its process name

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks