Overview

overview

10

Static

static

7

446014d453...34.elf

debian-9-armhf

10

Analysis

  • max time kernel
    1s
  • max time network
    160s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221111-en
  • resource tags

    arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    07-05-2023 10:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    446014d45318c2906094f1ca77d30934.elf

  • Size

    31KB

  • MD5

    446014d45318c2906094f1ca77d30934

  • SHA1

    0ba9531cc3b34a0c3cb837a19ec75edcb09513d3

  • SHA256

    0cc1ed4e0354fa6f10270d7c92da185c7c4a4e13bd35bd4d1ecf856def6c2314

  • SHA512

    93e3395c3b50e87d28156af16b1b355c71110d868c9f218f095745ea3c71c1657a11a88bbd49e45977af9b17955c6dd1b0cfb8a5dd5ae9161b32ea9b002b5fef

  • SSDEEP

    768:n8Lm6COq1fewdHy62pud4yNOYSOyB8Lr669q3UELd8:8LJCmjpkcMKU2Li

Score
10/10
miraisorabotnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/446014d45318c2906094f1ca77d30934.elf
    /tmp/446014d45318c2906094f1ca77d30934.elf
    1⤵
    • Reads runtime system information
    PID:355

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/355-1-0x00008000-0x0002da90-memory.dmp
    Download