Analysis

  • max time kernel
    1s
  • max time network
    124s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20230831-en
  • resource tags

    arch:armhf image:debian9-armhf-20230831-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    09-10-2023 02:34

General

  • Target

    acb4dc2cb8b010b4914d4fc617adc0678089110e779b077d092c846e7f868081.elf

  • Size

    40KB

  • MD5

    dd480c2d2b264c55e6e1476cc118612b

  • SHA1

    8238ada12dd744492744d7c3df4ab452a161b7c3

  • SHA256

    acb4dc2cb8b010b4914d4fc617adc0678089110e779b077d092c846e7f868081

  • SHA512

    0f62249401579f8abb5ca43c43b78e71d23398a51c05aa9522840066db861945565881f9f69e3bb8291a01ce02d3a8946e530bdbfb8c418436d728094b61a943

  • SSDEEP

    768:23xagPrixA4v2YxWztDW5T6DTWt0M3iLloCDHgTcrOXDxe4q3U7Jc:23xCrudC9AWtq+61rwW

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

KYTON

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/acb4dc2cb8b010b4914d4fc617adc0678089110e779b077d092c846e7f868081.elf
    • Reads runtime system information
    PID:367

Network

MITRE ATT&CK Matrix

Downloads

  • memory/367-1-0x00008000-0x00033af0-memory.dmp