Analysis

  • max time kernel
    2s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231026-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20231026-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    25-11-2023 01:08

General

  • Target

    96cc11015afff052bdf59cb75abaa561bec01d95c6b0100844ad65abb91d7aeb.elf

  • Size

    27KB

  • MD5

    04cb1f31f8307d9ec8a8b71c20b3c417

  • SHA1

    6706d5db03ce5e1774083dacca11a8678c44159b

  • SHA256

    96cc11015afff052bdf59cb75abaa561bec01d95c6b0100844ad65abb91d7aeb

  • SHA512

    eb2bf821187dd523d628319ce44c39454e800cc1d9425e04ed776973d3f91fdf7c64c48b0224a2ca0355e8106199bdd4f50d1ea1ec729ccbb7e72226c67fb0a7

  • SSDEEP

    384:ARt/koxisa34beDtZwuaCBsk+G9lLSsLYSTFs9u8OtqlrNEcCBddN/hymdGUop5K:A7soTAZ3alkXLvFh8nNEfddN/s3UozK

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/96cc11015afff052bdf59cb75abaa561bec01d95c6b0100844ad65abb91d7aeb.elf
    • Reads runtime system information
    PID:666

Network

MITRE ATT&CK Matrix
