Analysis

  • max time kernel
    2s
  • max time network
    124s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhf image:debian9-armhf-en-20211208 kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    01-05-2023 01:16

General

  • Target

    c425c068da15b079b4a21a4782414547d51e7b80df2c0490ffa2a51659c46b0f.elf

  • Size

    32KB

  • MD5

    298e95e8d40cd2e7b8cc3e4fb13a9b66

  • SHA1

    32c347667686f8a6865b323c54dc942fdf3fd2f1

  • SHA256

    c425c068da15b079b4a21a4782414547d51e7b80df2c0490ffa2a51659c46b0f

  • SHA512

    c5fa3603de730af8e5f67e703e25888123b542178f433d3c6df01a28b0e82ac4712238c192787a5d23ac6b30af45a9d6e193bd574d5af4ac4563e338b0d3a2f8

  • SSDEEP

    768:uoiWiO031vpAPbrVWZK3XVGxm9XNe9q3UEL5IA:uorm1vpALgUJFL3

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/c425c068da15b079b4a21a4782414547d51e7b80df2c0490ffa2a51659c46b0f.elf
    /tmp/c425c068da15b079b4a21a4782414547d51e7b80df2c0490ffa2a51659c46b0f.elf
    • Reads runtime system information
    PID:368

Network

MITRE ATT&CK Matrix

Downloads

  • memory/368-1-0x00008000-0x0002db18-memory.dmp