Analysis
-
max time kernel
2s -
max time network
126s -
platform
linux_armhf -
resource
debian9-armhf-en-20211208 -
resource tags
arch:armhf, image:debian9-armhf-en-20211208, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system -
submitted
26-04-2023 09:12
General
-
Target
b0de139f9267b58ec250f5d607266368.elf
-
Size
32KB
-
MD5
b0de139f9267b58ec250f5d607266368
-
SHA1
636c956c2dc988369226a33968cc29c1d4667866
-
SHA256
6e2c41e696e3cb8e41a8af5d6ac89e6bba80a15dc2f3fb2f992bd0afdf8cf7f8
-
SHA512
687bc0500818ad272c7bbe5ae2a61358b773d46c918892333aaa06e4caf210ab9dc4719b81f1299b437fea8aa3271594b371ba75cbeb3bcd9e1ff261d48bee9f
-
SSDEEP
768:1oiWiO031vpAPbrVWZK3XVGxm9X53e9q3UEL5IX:1orm1vpALgUJ5zLk
Malware Config
Extracted
Family
mirai
Botnet
SORA
Signatures
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes:
b0de139f9267b58ec250f5d607266368.elf
description: File opened for reading
ioc: /proc/self/exe
process: b0de139f9267b58ec250f5d607266368.elf
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/352-1-0x00008000-0x0002db18-memory.dmp