Analysis

  • max time kernel
    1s
  • max time network
    124s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhf, image:debian9-armhf-en-20211208, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    02-05-2023 01:00

General

  • Target

    b6d826d11b3ac60fcf618011c87fccc02b8a7ac3b22a4554c82648130308db6e.elf

  • Size

    26KB

  • MD5

    10448ae8b51d72d5b5f3569e19341850

  • SHA1

    d4515ce27145bca39f1cf816c236b4e84b2cd6e7

  • SHA256

    b6d826d11b3ac60fcf618011c87fccc02b8a7ac3b22a4554c82648130308db6e

  • SHA512

    a33f141c128092beadc3fd6eb4e7e884848e5651f96a06dfc3f29a0bf379361458571dcb688407722c602afd95c06cc6c9c5a812b6127e2f856a7f54a774ec5f

  • SSDEEP

    768:JMKyhegCCMqfizjoNpd2vJdX6vwrw9q3UELui:OKy4qfqoeJdXWg5LD

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/b6d826d11b3ac60fcf618011c87fccc02b8a7ac3b22a4554c82648130308db6e.elf
    • Reads runtime system information
    PID:355

Downloads

  • memory/355-1-0x00008000-0x000228c4-memory.dmp