General
Target: sora.mpsl
Size: 27KB
Sample: 240201-sgtxdaabfl
MD5: f790a0f6fd01557676712ca1fb07e8a4
SHA1: 0877fe0b463616e30302bca20a3ec98c7c9f63a3
SHA256: 80cfe14c5e3dbb627f9a20a7e2a7ef0545501bb81c3465d831413a95e14d4ba8
SHA512: 97dc745a575f2fb50331bb64eaa35e15b6d84e959387c4801d8366757976822f36f9279167eb16c9411613d1bc8a9d33b3b946f230de1bffa5e248308406121a
SSDEEP: 768:5Asi7oKx1FyP1EXQi9tcL+nmub5vACDuWb:5di7oMUEAi9StK5vAI
Malware Config
Extracted
mirai
SORA
Targets
Target: sora.mpsl
- Contacts a large (49360) amount of remote hosts. This may indicate a network scan to discover remotely running services.
- Creates a large amount of network flows. This may indicate a network scan to discover remotely running services.
- Changes its process name.
- Modifies Watchdog functionality. Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.