Analysis
max time kernel: 1s
max time network: 128s
platform: debian-9_armhf
resource: debian9-armhf-20221125-en
resource tags: arch:armhf, image:debian9-armhf-20221125-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 27-05-2023 01:12
General
Target: cdd73d84ec18a5c327444bf056cf643580032ef45c67b8b1f8100ab68edd6ee0.elf
Size: 26KB
MD5: 47d602531a0890f65490f79df97a132a
SHA1: 6dfb58a270e2995715bbfed11dd3adbd4f459b10
SHA256: cdd73d84ec18a5c327444bf056cf643580032ef45c67b8b1f8100ab68edd6ee0
SHA512: 3e21aa08b159c387ebbc05c1de5705599b8d1657a9d61585c17309b37064941bb2bf04931349730ca018e7b3d3bfa90bda7fc5fb6c4e48fbb6867d16d216cdc8
SSDEEP: 768:4MKyhegCCMqfizjoNpd2vJdX6vwr79q3UELuY:PKy4qfqoeJdXWgaLJ
Malware Config
Extracted
Family: mirai
Botnet: LZRD
Signatures
Reads runtime system information (1 IoCs)
Reads data from /proc virtual filesystem.
Processes:
cdd73d84ec18a5c327444bf056cf643580032ef45c67b8b1f8100ab68edd6ee0.elf
description: File opened for reading
ioc: /proc/self/exe
process: cdd73d84ec18a5c327444bf056cf643580032ef45c67b8b1f8100ab68edd6ee0.elf