Analysis
-
max time kernel
1s -
max time network
127s -
platform
debian-9_armhf -
resource
debian9-armhf-20221125-en -
resource tags
arch:armhfimage:debian9-armhf-20221125-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem -
submitted
12-05-2023 08:19
General
-
Target
26048119b40ae3d8e1de9bacbea22109.elf
-
Size
32KB
-
MD5
26048119b40ae3d8e1de9bacbea22109
-
SHA1
5fce85ca9caaa56f8db9cc6c1cf63fb9cf7a23a8
-
SHA256
4e4b7fbf32ca7fa0fe1e8218e8da72f16bff04dde3e3eaa59b169af18b758413
-
SHA512
88a3300d0b0240caa100f84ac7051249351e0bb4f9658ef2df7dcdc61d6175ca849252a47d191887524ef9a0bfc34a2180fcefc9b183dec66602c738fc17165d
-
SSDEEP
768:koiWiO031v9U7ctjCSm17MuD+aTrN6cN9q3UEL5IC:korm1vJCT1rjh6zLB
Malware Config
Extracted
Family
mirai
Botnet
SORA
Signatures
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes:
26048119b40ae3d8e1de9bacbea22109.elfdescription ioc process File opened for reading /proc/self/exe 26048119b40ae3d8e1de9bacbea22109.elf
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/356-1-0x00008000-0x0002db18-memory.dmp