Overview

overview

10

Static

static

7

3f57000340...b0.elf

ubuntu-18.04-amd64

10

Analysis

  • max time kernel
    153s
  • max time network
    135s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20230831-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20230831-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    12-10-2023 15:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3f57000340c81869a1625b914bb4f7b0.elf

  • Size

    20KB

  • MD5

    3f57000340c81869a1625b914bb4f7b0

  • SHA1

    6488d2776b5eeb4d3563d5b66c1eaaea6b4df286

  • SHA256

    e62f7d3c0b043124162aa7c4a035f66ec48f0bbf38c6d6c3c994010ccc71acc4

  • SHA512

    ab602ce0998b636ded274f1b720a1d85f1c6705bc8ea81b87d9810317b1754bdcb66622227c289b115923101ac740ede85488521afbd83940a016599a2f994dc

  • SSDEEP

    384:Mg4Lpj8s/qPui8uZxoIA57RWQjJiEVi+ZkXadmTb+502F2vwA9dWuMW21bAK1oTn:M98o08kxofBE+ZkXaITbp2F2TWul0c5r

Score
10/10
mirailzrdbotnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 17 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/3f57000340c81869a1625b914bb4f7b0.elf
    /tmp/3f57000340c81869a1625b914bb4f7b0.elf
    1⤵
      PID:588

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/588-1-0x0000000008048000-0x00000000080547a0-memory.dmp

      Download