Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d3a2b1e89d8bb17d829bada6ff6bbab6
-
Size
31KB
-
Sample
240318-qshx5shh27
-
MD5
d3a2b1e89d8bb17d829bada6ff6bbab6
-
SHA1
3d390577ffca2585e49f565234ef3f559937ee7f
-
SHA256
e50590f3d1409a2eda8864a32b1c30ebc3de157ac597f45c910cf8a4f0ae119a
-
SHA512
6a794857b7703ffaf473d69cbfce1d512f9b661f7f9c2e23e48ca28234c55b515be54076d62ace02b22b8c6833132ccbd05e18546949ec4549f6518906e353f2
-
SSDEEP
384:23fpCLrsjHIX69URc+hmnulY1qHprFKt6zhS45vDajssVwfuhlIa3lRWGVCz0Nvn:qfpWcehzJFYKgULAssKfuhSa3TW+
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
d3a2b1e89d8bb17d829bada6ff6bbab6
-
Size
31KB
-
MD5
d3a2b1e89d8bb17d829bada6ff6bbab6
-
SHA1
3d390577ffca2585e49f565234ef3f559937ee7f
-
SHA256
e50590f3d1409a2eda8864a32b1c30ebc3de157ac597f45c910cf8a4f0ae119a
-
SHA512
6a794857b7703ffaf473d69cbfce1d512f9b661f7f9c2e23e48ca28234c55b515be54076d62ace02b22b8c6833132ccbd05e18546949ec4549f6518906e353f2
-
SSDEEP
384:23fpCLrsjHIX69URc+hmnulY1qHprFKt6zhS45vDajssVwfuhlIa3lRWGVCz0Nvn:qfpWcehzJFYKgULAssKfuhSa3TW+
-
Contacts a large (20202) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-