Overview

overview

10

Static

static

7

58bbe6fa57...50.elf

debian-9-armhf

10

Analysis

  • max time kernel
    1s
  • max time network
    127s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20221125-en
  • resource tags

    arch:armhfimage:debian9-armhf-20221125-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    03-06-2023 08:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    58bbe6fa57ee4034fe4e8fb18ada2350.elf

  • Size

    22KB

  • MD5

    58bbe6fa57ee4034fe4e8fb18ada2350

  • SHA1

    26660a9c2a280841fc2dd94a51409f172c1ac785

  • SHA256

    de151be8e285116e7fd2433d64c52c287198a3a956f13aec845f04476a5397ec

  • SHA512

    b1229308e64f352b463d612a9ac2f53d6f97f585712724a5abbd89f1f62555e72dfa0ad3c36981289c0f5e1f75fbd39a4d05dd3d52b92670654cec22c50c5ec5

  • SSDEEP

    384:0O6YNAT+pu2+hYtu3BDMBkhuAtQtsqnNrkAghEol95T4ZlJNESqmdGU5EeCZdrt:4/SbSYA+Tnp8FTT4ZlXESq3UIrt

Score
10/10
miraibotnet

Malware Config

Extracted

Family

mirai

C2

193.35.18.42

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/58bbe6fa57ee4034fe4e8fb18ada2350.elf
    /tmp/58bbe6fa57ee4034fe4e8fb18ada2350.elf
    1⤵
    • Reads runtime system information
    PID:361

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/361-1-0x00008000-0x00024abc-memory.dmp

    Download