Analysis

  • max time kernel
    1s
  • max time network
    124s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • resource tags

    arch:armhf
    image:debian9-armhf-en-20211208
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    31-05-2023 01:00

General

  • Target

    187a79803bcdb94a0fb475f9f552810dbe7b801163d18fe21844756a6ab8cf57.elf

  • Size

    36KB

  • MD5

    01aefddfbb2e079ca5e75ac1fb7240fe

  • SHA1

    812684d32a0a6c6875771020f1202140696ee5d2

  • SHA256

    187a79803bcdb94a0fb475f9f552810dbe7b801163d18fe21844756a6ab8cf57

  • SHA512

    6d32d45edc2fe0b4358ceb8d8cb2b15e9dcd1e6881262c72f63b953439e3f185a62478d925d1c44027764d95c74cad42ea301d5bb6c64f5246f6095c62bdc89d

  • SSDEEP

    768:aqCtE/zHmw6W/A1aFDF4EtFd4aPs9FkGLEDsIIPM6CAwplY/Akq3UIYcW:aqGELHmwu1aFDFjFdWrkH/orCAwplYYy

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/187a79803bcdb94a0fb475f9f552810dbe7b801163d18fe21844756a6ab8cf57.elf
    /tmp/187a79803bcdb94a0fb475f9f552810dbe7b801163d18fe21844756a6ab8cf57.elf
    • Reads runtime system information
    PID:355

Network

MITRE ATT&CK Matrix

Downloads

  • memory/355-1-0x00008000-0x00030a8c-memory.dmp