Overview

overview

10

Static

static

7

1238f79d96...7c.elf

debian-9-mipsel

10

Analysis

  • max time kernel
    150s
  • max time network
    148s
  • platform
    linux_mipsel
  • resource
    debian9-mipsel-en-20211208
  • resource tags

    arch:mipselimage:debian9-mipsel-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    14-05-2023 01:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1238f79d962d841863896016ce24929b2cee22f9e2173f0e2d3667de591bcc7c.elf

  • Size

    24KB

  • MD5

    a3e6859e5e20538662eb1c31db59ec0a

  • SHA1

    548c4d09742126654eff1aac2b696fd7aa0aad23

  • SHA256

    1238f79d962d841863896016ce24929b2cee22f9e2173f0e2d3667de591bcc7c

  • SHA512

    78b79233227d067b9c75fbbe7465af56393428f29a55b79f1f327095230f3914332f94db33a02c5d8ffd140838591372e51236a4741bde7d6cf929aa7e1f3729

  • SSDEEP

    768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpAZqSWv6:4QlS07FUXqIYSXQKquYqS

Score
10/10
mirailzrdbotnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies the Watchdog daemon 1 TTPs

    Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 2 IoCs

Processes

  • /tmp/1238f79d962d841863896016ce24929b2cee22f9e2173f0e2d3667de591bcc7c.elf
    /tmp/1238f79d962d841863896016ce24929b2cee22f9e2173f0e2d3667de591bcc7c.elf
    1⤵
      PID:332

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/332-1-0x00400000-0x00452a58-memory.dmp

      Download