Analysis
max time kernel: 149s
max time network: 153s
platform: ubuntu-22.04_amd64
resource: ubuntu2204-amd64-20250307-en
resource tags: arch:amd64, arch:i386, image:ubuntu2204-amd64-20250307-en, kernel:5.15.0-105-generic, locale:en-us, os:ubuntu-22.04-amd64, system
submitted: 12/03/2025, 00:02
Behavioral task: behavioral1
Sample: morte.x64.elf
Resource: ubuntu2204-amd64-20250307-en
4 signatures, 150 seconds
General
Target: morte.x64.elf
Size: 45KB
MD5: 466984eb01c2a2a4698c0247c6d0b7d1
SHA1: e9faa24bae697faffdc1225c269630809f5021ef
SHA256: 084e43a2bbee59249d8b909357b8e6806c38e1fa203ffe0ac2c2cc8f5a361ab8
SHA512: 1a53e57478516f619f9b39b3bd7064e4b67145bf9a98cf6e595219bcaec6118c292df1c92f37d8f7d1b903c430bb27470f103fc22b1732792331470869a7877b
SSDEEP: 768:r3n0J8LBJoIdxsWYp2MgE+eRIkox70o7iVbY1+Vy58JwtuFD0lBvd1CFeqx062n:bn0OLrkW02vE+UIP10rYpID0Dd1CHxO
Score: 10/10
Malware Config (Extracted)
Family: mirai
Botnet: LZRD
Signatures
Mirai family
Modifies Watchdog functionality (1 TTPs, 2 IoCs)
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
description | ioc | Process
File opened for modification | /dev/watchdog | morte.x64.elf
File opened for modification | /dev/misc/watchdog | morte.x64.elf
Creates a large amount of network flows (1 TTPs)
This may indicate a network scan to discover remotely running services.