Overview

overview

10

Static

static

7

fb027e5587...16.elf

debian-9-mipsel

10

Analysis

  • max time kernel
    150s
  • max time network
    175s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20221125-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20221125-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    18-05-2023 14:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fb027e55875fdc137eb8b4ac1e50ad16.elf

  • Size

    24KB

  • MD5

    fb027e55875fdc137eb8b4ac1e50ad16

  • SHA1

    9535e040f07b84f8d71fd2e3391cc553e9a7cfb9

  • SHA256

    220b6d4da6702a1ea1bd2ef0594ba6258fd3a1917efd1c0cc41ac74a1e8a90f7

  • SHA512

    95faa11236f7ef79e7c5822eab977ab8da3c9525cf751804b50f7daeaadb04b36fc3381938975f47b29873d46ef9c278fe74d26f44ba7208027084d1106d99e2

  • SSDEEP

    768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpkxZqSWvw:4QlS07FUXqIYSXQKqumqY

Score
10/10
mirailzrdbotnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 9 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/fb027e55875fdc137eb8b4ac1e50ad16.elf
    /tmp/fb027e55875fdc137eb8b4ac1e50ad16.elf
    1⤵
      PID:332

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/332-1-0x00400000-0x00452a58-memory.dmp

      Download