Overview

overview

10

Static

static

7

9a974cb60d...ff.elf

debian-9-mipsel

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    linux_mipsel
  • resource
    debian9-mipsel-en-20211208
  • resource tags

    arch:mipselimage:debian9-mipsel-en-20211208kernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    17-05-2023 08:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9a974cb60d9cdbe1ec2d80b624d13aff.elf

  • Size

    24KB

  • MD5

    9a974cb60d9cdbe1ec2d80b624d13aff

  • SHA1

    ce8fcda8edafdcc7114a5b90a3b7506287e0e4b5

  • SHA256

    5c66b7ff62d284ad48bdc4564ba9d0a8f09b631656522f5706c87bbab9dbea2d

  • SHA512

    9b2ed5c2a7ab947bdb425962322a087b93910b83973e0162321c0956c4ebef7d5bb2ced51529c7706c1de30bca1230cce64062323d30a47c959f6f9b359a401e

  • SSDEEP

    768:otrQlS07dEv0UXqUhvQE+CXQKMQKCXBpNEZqqWvS:iQlS07FUXqIYSXQKquN8qC

Score
10/10
mirailzrdbotnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 2 IoCs

Processes

  • /tmp/9a974cb60d9cdbe1ec2d80b624d13aff.elf
    /tmp/9a974cb60d9cdbe1ec2d80b624d13aff.elf
    1⤵
      PID:329

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/329-1-0x00400000-0x00452a58-memory.dmp

      Download