General
Target: elitebotnet.mips.elf
Size: 97KB
Sample: 250113-lhmfcsxjdw
MD5: 0589b3d263957e51899c048a347b5e0a
SHA1: 253025ae97055316ad0bc4f9dd4c680e0a9af96a
SHA256: 9701f870720ee716c02d544e6f148075d2798254cae3ad4263df3ef2c82b15d3
SHA512: 82160c65efc3ed2086d4729ae7e97f98b9d237a1631421fd951db790be438db9432045ee16363da9c1070356d7d8227991711908674347edd9a4f3dc8f049284
SSDEEP: 3072:kQW/HIc4mbkqFAuGz+8iYzfbNcQwbZnGN:kL/oqFAu6fTzfnwRGN
Behavioral task: behavioral1
Sample: elitebotnet.mips.elf
Resource: debian9-mipsbe-20240611-en
Malware Config
Extracted
mirai
MIRAI
asdfui.elite-api.su
Targets
Target: elitebotnet.mips.elf
Score: 9/10

Contacts a large (23673) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.

MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
  Boot or Logon Initialization Scripts (1)
  RC Scripts (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
  Boot or Logon Initialization Scripts (1)
  RC Scripts (1)