Analysis

  • max time kernel
    1s
  • max time network
    128s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221125-en
  • resource tags

    arch:armhf, image:debian9-armhf-20221125-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    29-05-2023 14:47

General

  • Target

    374ef52a28d4aa7e5909010d77f3f128.elf

  • Size

    41KB

  • MD5

    374ef52a28d4aa7e5909010d77f3f128

  • SHA1

    5d45f46fdce25b1323c32c7c5f2e9bf45389b5d2

  • SHA256

    e87056fe1c0bc69b5b88598a76f532cc7b11ed5927b415e42983b85be3b36a2a

  • SHA512

    28bea5635499178828ca08a89b0c26a4bf9948fe408abb9e35d3ddab3c43c8fc5721c82135e6060765114a7c6a0572dfc606d0b90188fd5f03bf46d66bdd394f

  • SSDEEP

    768:92VVNh7lMuAw6pNQAkpARyfwSBI77EBgCcCEJe7WB95Bi+xG37X0:92Vbh5tiftyAYwSBKkgCcCL7WB9Hi+xZ

Score
10/10

Malware Config

Extracted

Family

mirai

C2

client.orxy.space

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/374ef52a28d4aa7e5909010d77f3f128.elf
    • Reads runtime system information
    PID:368

Network

MITRE ATT&CK Matrix

Downloads

  • memory/368-1-0x00008000-0x0002c930-memory.dmp