Analysis
max time kernel: 2s
max time network: 126s
platform: linux_armhf
resource: debian9-armhf-en-20211208
resource tags: arch:armhf, image:debian9-armhf-en-20211208, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
submitted: 03-06-2023 08:47
General
Target: 874f5ef7de54a063319b8a45d0aa7ac7.elf
Size: 26KB
MD5: 874f5ef7de54a063319b8a45d0aa7ac7
SHA1: 7a30a9b143ebde11cad207c8c87aeedec38d08a1
SHA256: 58669b30be5125144842a42c91337c0f871561bd3c80cbf53dcab73ff2afba34
SHA512: a8bb486cd396e7e2a9e97fb11e42ff1d679f8dc134a68e42e3eb6f7b38f6f82d25f1ed1d4d42ee8b945879b755cee89c025093e75ffb9891834dc70d1db697fb
SSDEEP: 768:eMKyhegCCMqfizjoNpd2vJdX6vwrCU9q3UELu2:NKy4qfqoeJdXWgC9LP
Malware Config
Extracted
Family: mirai
Botnet: LZRD
Signatures
Reads runtime system information (1 IoCs)
Reads data from /proc virtual filesystem.
Processes: 874f5ef7de54a063319b8a45d0aa7ac7.elf
description | ioc | process
File opened for reading | /proc/self/exe | 874f5ef7de54a063319b8a45d0aa7ac7.elf
Downloads
memory/351-1-0x00008000-0x000228c4-memory.dmp