Analysis
max time kernel: 1s
max time network: 127s
platform: debian-9_armhf
resource: debian9-armhf-20221125-en
resource tags: arch:armhf, image:debian9-armhf-20221125-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 31-05-2023 14:30
General
Target: SecuriteInfo.com.Trojan.Linux.Mirai.1.21505.14553.elf
Size: 37KB
MD5: 57247cab87467839480c61af4a10619e
SHA1: 688c00538f18723079f97e409b96adf2d8d95421
SHA256: ec70b32205000e1c2c85356e6f008c5a6efb862c71884c081e55c1477dcac400
SHA512: fa3852c5703a9372648a666d6d6c2aaeb311beef31b7ecbb157e16bb3240dc5510b5f8b5dd962bbb1e7f9f13f421286aab526a815f7a0791613412808be2e247
SSDEEP: 768:ICt8xQyKEXdvcsU2fPmwY4gLMh310IJ4XZbO6xHxq3UIQe:IGSzJsvb41h31HGYuHeR
Malware Config
Extracted
Family: mirai
Botnet: UNSTABLE
Signatures
Reads runtime system information (1 IoCs)
Reads data from /proc virtual filesystem.
Processes: SecuriteInfo.com.Trojan.Linux.Mirai.1.21505.14553.elf
description: File opened for reading
ioc: /proc/self/exe
process: SecuriteInfo.com.Trojan.Linux.Mirai.1.21505.14553.elf
Downloads
memory/356-1-0x00008000-0x00030a8c-memory.dmp