Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20250307-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20250307-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    12/03/2025, 00:02

General

  • Target

    morte.x64.elf

  • Size

    45KB

  • MD5

    466984eb01c2a2a4698c0247c6d0b7d1

  • SHA1

    e9faa24bae697faffdc1225c269630809f5021ef

  • SHA256

    084e43a2bbee59249d8b909357b8e6806c38e1fa203ffe0ac2c2cc8f5a361ab8

  • SHA512

    1a53e57478516f619f9b39b3bd7064e4b67145bf9a98cf6e595219bcaec6118c292df1c92f37d8f7d1b903c430bb27470f103fc22b1732792331470869a7877b

  • SSDEEP

    768:r3n0J8LBJoIdxsWYp2MgE+eRIkox70o7iVbY1+Vy58JwtuFD0lBvd1CFeqx062n:bn0OLrkW02vE+UIP10rYpID0Dd1CHxO

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

Processes

  • /tmp/morte.x64.elf
    /tmp/morte.x64.elf
    1⤵
    • Modifies Watchdog functionality
    PID:1562

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads