General

  • Target

    5ac4dea299a0dc62ea0541579aa36f37_JaffaCakes118

  • Size

    34KB

  • Sample

    240519-wzszksbd8s

  • MD5

    5ac4dea299a0dc62ea0541579aa36f37

  • SHA1

    e36ec58c23f79a3b907a075d7a835d8ebf17c495

  • SHA256

    1428f978e5b7c6ce39a2676666f0bc7697415b02fe3bd6015112a5b1911738aa

  • SHA512

    c6c9e922f412882a1a363c62639f4f6555ecfd0f14b66d15c44f678b22f8e0f4ef229b0e6d98b20fb022c5475870719e2f7a56fe877a991b866f0be3f909e827

  • SSDEEP

    768:FpozStqL29wJLaHZ0hsnl+woo9n+6nbcuyD7Uvccpr:Fvt24pLnBnouy8vccpr

Targets

    Score
    10/10
    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large (8962) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
