Analysis

  • max time kernel
    152s
  • max time network
    135s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20221111-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20221111-en, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    09-05-2023 01:55

General

  • Target

    e672d299b066eaf0b862b423b8ffb1ea5703b56f09868228da8e0e753f635dc4.elf

  • Size

    22KB

  • MD5

    e93221da4f7ec791295abbae87b8360b

  • SHA1

    336fec8c1988fc79adf4d6e410834e7ce3b655e1

  • SHA256

    e672d299b066eaf0b862b423b8ffb1ea5703b56f09868228da8e0e753f635dc4

  • SHA512

    ae593c333db159c712abf1f5fca7376da11c83799d6341c87ffc2c5cc43a75fe963e2b69b87223fcdec7fc906a3aa671c1d1370b161179f1c4e56555c19edf7e

  • SSDEEP

    384:TDYC95A2rM7RjFrvX2V6H2XJ8LaHYsbX1chNuHfmmcb4/N7KbxTKqNXcuiFqcJr:TDZ5Dw7RjFjcU+O24sDOuuE/Nmbx+qNm

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Modifies the Watchdog daemon (1 TTP)

    Malware like Mirai modifies the watchdog daemon to prevent it from restarting an infected system.

  • Writes file to system bin folder (1 TTP, 2 IoCs)
  • Reads runtime system information (17 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/e672d299b066eaf0b862b423b8ffb1ea5703b56f09868228da8e0e753f635dc4.elf
    Command line: /tmp/e672d299b066eaf0b862b423b8ffb1ea5703b56f09868228da8e0e753f635dc4.elf
    PID: 614

Network

MITRE ATT&CK Enterprise v6


Downloads

  • memory/614-1-0x0000000000400000-0x000000000050de48-memory.dmp