Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240226-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    11/03/2025, 14:27

General

  • Target

    morte.mpsl.elf

  • Size

    47KB

  • MD5

    bf6111a35077252dcd92c915d37a824a

  • SHA1

    910bc8be3b54bdaf36bba6dcc48d78d6e590eba6

  • SHA256

    04cb19dfda51cf42df9b6a118ef9f656e5c403160346bef2456dd100f2fed325

  • SHA512

    521b2ab1d2d65929188c20ee1792fc4c420fc73d32c528b584477e1d1e62bf44899e52ee744c6c196c161fe6c80c7b4efdd5a4eb74b60bda5683b34d4d4d76eb

  • SSDEEP

    768:Hel5RgrzoHJ9NLe1f7sMNI9jWDWBPpVhqh+Xiu7G8f7PcSwic+4CPlgWg:iggHz1e1fNIAD6PpDqh+yYDPcSwicuc

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Processes

  • /tmp/morte.mpsl.elf
    /tmp/morte.mpsl.elf
    1⤵
    • Modifies Watchdog functionality
    PID:702

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads