Overview

overview

10

Static

static

7

c4ba5f055f...bd.elf

debian-9-mips

10

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20221111-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20221111-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    14-05-2023 08:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c4ba5f055f8dffcc0b404969ace82feea6ead7f476e2e6a065cd25bb5a768dbd.elf

  • Size

    23KB

  • MD5

    da421f5ba45e1f8418f24437f1dc7181

  • SHA1

    916ee3ba7a87249ab4b0cc46fcc7ce2a0e7e9ffc

  • SHA256

    c4ba5f055f8dffcc0b404969ace82feea6ead7f476e2e6a065cd25bb5a768dbd

  • SHA512

    16595b6de5e7bf9b602cccc97dac68b55297f71a86be9b2493bff1f57405e89897d2162b876fa3532039d553c2fe835855a00490f1ade19ffc6b0c5673cc1251

  • SSDEEP

    384:neD8ZSH2LLZUYyGZbsOiTrowSN9rnZMINlphQ/HYtuiiAmdzJgGlzDpH7uNj1JAF:neD8ZSWvZHZbs1row697qohQvg9iAizh

Score
10/10
mirailzrdbotnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies the Watchdog daemon 1 TTPs

    Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 2 IoCs

Processes

  • /tmp/c4ba5f055f8dffcc0b404969ace82feea6ead7f476e2e6a065cd25bb5a768dbd.elf
    /tmp/c4ba5f055f8dffcc0b404969ace82feea6ead7f476e2e6a065cd25bb5a768dbd.elf
    1⤵
      PID:326

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Hijack Execution Flow

    1
    T1574

    Privilege Escalation

    Hijack Execution Flow

    1
    T1574

    Defense Evasion

    Impair Defenses

    1
    T1562

    Hijack Execution Flow

    1
    T1574

    Credential Access

    Discovery

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/326-1-0x00400000-0x00451a58-memory.dmp
      Download