Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bash.sh
-
Size
3KB
-
Sample
250326-q9ypxsyjv2
-
MD5
e9b0d773e0a26ba53952ccdc63e3ed85
-
SHA1
a2109f081a259a98f3534e67332f166d2f4307cb
-
SHA256
7cc0addbe77dcd94ee4636584b53ef329c485313ff2566b7a0bfa7683c64543b
-
SHA512
5c276f6197e53bf5be0592b91e75c0ce097df25c8efda26e698e58dfdb638644e13b30afa2f61d8683eba013bff0decc4eb8be070ee4d6ebfeb7e22185798696
Malware Config
Extracted
mirai
OWARI
newageofkifirempire.camdvr.org
Extracted
mirai
OWARI
Extracted
mirai
OWARI
Extracted
mirai
OWARI
newageofkifirempire.camdvr.org
Extracted
mirai
OWARI
newageofkifirempire.camdvr.org
Extracted
mirai
OWARI
newageofkifirempire.camdvr.org
Targets
-
-
Target
bash.sh
-
Size
3KB
-
MD5
e9b0d773e0a26ba53952ccdc63e3ed85
-
SHA1
a2109f081a259a98f3534e67332f166d2f4307cb
-
SHA256
7cc0addbe77dcd94ee4636584b53ef329c485313ff2566b7a0bfa7683c64543b
-
SHA512
5c276f6197e53bf5be0592b91e75c0ce097df25c8efda26e698e58dfdb638644e13b30afa2f61d8683eba013bff0decc4eb8be070ee4d6ebfeb7e22185798696
Score10/10-
Detects Kaiten/Tsunami Payload
-
Detects Kaiten/Tsunami payload
-
Kaiten family
-
Kaiten/Tsunami
Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.
-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Mirai family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates active TCP sockets
Gets active TCP sockets from /proc virtual filesystem.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Impair Defenses
1Virtualization/Sandbox Evasion
1System Checks
1