General
-
Target
Hgf.x86.elf
-
Size
23KB
-
Sample
250209-l49g1stkgx
-
MD5
fa610cec756d9e59636749bc787ee6ac
-
SHA1
5471e0a2d2bd635df8b574c78c0cc39d1d40a8f6
-
SHA256
602f8076ed24db46164f6633dd50fcfbe27efd51eadb0f61d58d6814e0ea5439
-
SHA512
3aa1b40fe2f033a7e08c699cac912700552d878cb783db55f88ee8a1dce04fa824ced78fe066a4826c61a8575726430d5ce7ebfe6336467b5cb6c7707235417c
-
SSDEEP
384:Mjjnjb1wD8dXBxjr63hZV3xON3/5ykLGQnzscaGjGYiyWjek8iLV3HKGD:Kjb1wD8hjQbV3xW/AEGEzhaOTiNjeJiv
Behavioral task
behavioral1
Sample
Hgf.x86.elf
Resource
ubuntu2204-amd64-20240611-en
Malware Config
Extracted
mirai
BOTNET
cnc.stressamp.com
Targets
-
-
Target
Hgf.x86.elf
-
Score
10/10
-
Mirai family
-
Contacts a large (75233) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-