Analysis

  • max time kernel
    1s
  • max time network
    128s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221125-en
  • resource tags

    arch:armhf, image:debian9-armhf-20221125-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    27-05-2023 01:12

General

  • Target

    cdd73d84ec18a5c327444bf056cf643580032ef45c67b8b1f8100ab68edd6ee0.elf

  • Size

    26KB

  • MD5

    47d602531a0890f65490f79df97a132a

  • SHA1

    6dfb58a270e2995715bbfed11dd3adbd4f459b10

  • SHA256

    cdd73d84ec18a5c327444bf056cf643580032ef45c67b8b1f8100ab68edd6ee0

  • SHA512

    3e21aa08b159c387ebbc05c1de5705599b8d1657a9d61585c17309b37064941bb2bf04931349730ca018e7b3d3bfa90bda7fc5fb6c4e48fbb6867d16d216cdc8

  • SSDEEP

    768:4MKyhegCCMqfizjoNpd2vJdX6vwr79q3UELuY:PKy4qfqoeJdXWgaLJ

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/cdd73d84ec18a5c327444bf056cf643580032ef45c67b8b1f8100ab68edd6ee0.elf
    • Reads runtime system information
    PID:360

Network

MITRE ATT&CK Matrix

Downloads

  • memory/360-1-0x00008000-0x000228c4-memory.dmp