Analysis

  • max time kernel
    2s
  • max time network
    126s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhf
    image:debian9-armhf-en-20211208
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    30-04-2023 21:48

General

  • Target

    8264510459d6273026dccfdb29ea2460.elf

  • Size

    46KB

  • MD5

    8264510459d6273026dccfdb29ea2460

  • SHA1

    71fba255c75571d777436cd11377d92c09e18941

  • SHA256

    269085125a6c9a91ff1a2b3c3d57681e34daf75d67a62f7042708faf7ec72503

  • SHA512

    0882bc255bbb28efd11e082ce1d4e09c0e8e84a5d3ebc493edbb8797a1a8ae47a4b124c085bc9ddbb7453cb4ce8cf08efa6387eb3eb08625256cc2e4986c6b96

  • SSDEEP

    768:XLj9uq73up+4+Bdxt4E2kczKl9XzysNURf6aY82Wj6Kld7Z5Wuf1v4xNrNpDLLRs:bj5LurqIKpNUN6aYBILetXRaWFLo

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

KYTON

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/8264510459d6273026dccfdb29ea2460.elf
    /tmp/8264510459d6273026dccfdb29ea2460.elf
    • Reads runtime system information
    PID:351

Network

MITRE ATT&CK Matrix

Downloads

  • memory/351-1-0x00008000-0x0002ff58-memory.dmp