General

  • Target

    SecuriteInfo.com.Linux.Siggen.9999.17011.23537.elf

  • Size

    56KB

  • Sample

    240817-qxc8fs1drj

  • MD5

    f001bcac5e30063144fc5484d523268b

  • SHA1

    e91f8d03c32ef3f2a0ecf2113c055607e3b219c1

  • SHA256

    d9dbeceaead22cfb8f575b8b77a5c259d9b31296645eeac99cc1df18e4b07b8c

  • SHA512

    66f0e65f9ac90e756f8a16c984ad9c0e3c831b15d48d10624de78c2b34e817deea5dccedb348e7aae180b046d735b53712cb1799f48b7384c2aa4e0d2c3268d9

  • SSDEEP

    1536:YyEZV9XZ3BVAtU75jDrWlFqnvVcIVo73bSjaFzKY8d6:W9XKtwX0Fwu+OS+2d6

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Targets

    • Target

      SecuriteInfo.com.Linux.Siggen.9999.17011.23537.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Contacts a large number (222139) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
