Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    65044bb916f7110f2328e1216c07d93e_JaffaCakes118

  • Size

    30KB

  • Sample

    240521-2hwxssce83

  • MD5

    65044bb916f7110f2328e1216c07d93e

  • SHA1

    2d5f53856cdb9d0641810dfb3fdfe27e7fa665ef

  • SHA256

    a9dc6744303c8b3d2e6dec03fcfd1898234aaca056c49fe0ebdf0db64e3e7f0c

  • SHA512

    c22150de86010825ba2a6e299cfb35b2826f64bc82852be7a716e05301706530f326c30fca919867256ea98104600a9df2810ccc078e89996dfd8347676b6eef

  • SSDEEP

    768:w+HsbWt8UsJvlrhV2slj1OriaKJaVCUCEmW6Qo2A:w+H4WRbhrianVPCEmao2A

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

    • Target

      65044bb916f7110f2328e1216c07d93e_JaffaCakes118

    • Size

      30KB

    • MD5

      65044bb916f7110f2328e1216c07d93e

    • SHA1

      2d5f53856cdb9d0641810dfb3fdfe27e7fa665ef

    • SHA256

      a9dc6744303c8b3d2e6dec03fcfd1898234aaca056c49fe0ebdf0db64e3e7f0c

    • SHA512

      c22150de86010825ba2a6e299cfb35b2826f64bc82852be7a716e05301706530f326c30fca919867256ea98104600a9df2810ccc078e89996dfd8347676b6eef

    • SSDEEP

      768:w+HsbWt8UsJvlrhV2slj1OriaKJaVCUCEmW6Qo2A:w+H4WRbhrianVPCEmao2A

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large (105622) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks