General

  • Target: Hgf.x86.elf
  • Size: 23KB
  • Sample: 250209-l49g1stkgx
  • MD5: fa610cec756d9e59636749bc787ee6ac
  • SHA1: 5471e0a2d2bd635df8b574c78c0cc39d1d40a8f6
  • SHA256: 602f8076ed24db46164f6633dd50fcfbe27efd51eadb0f61d58d6814e0ea5439
  • SHA512: 3aa1b40fe2f033a7e08c699cac912700552d878cb783db55f88ee8a1dce04fa824ced78fe066a4826c61a8575726430d5ce7ebfe6336467b5cb6c7707235417c
  • SSDEEP: 384:Mjjnjb1wD8dXBxjr63hZV3xON3/5ykLGQnzscaGjGYiyWjek8iLV3HKGD:Kjb1wD8hjQbV3xW/AEGEzhaOTiNjeJiv

Malware Config

Extracted

  • Family: mirai
  • Botnet: BOTNET
  • C2: cnc.stressamp.com

Targets

    • Target: Hgf.x86.elf (hashes as listed under General above)

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Contacts a large number (75233) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
