Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20231215-en
  • resource tags

    arch:mips, image:debian9-mipsbe-20231215-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
  • submitted
    22/12/2023, 03:54

General

  • Target

    5ebe0fb8f6fc9f3c75ad6a83887b3318

  • Size

    30KB

  • MD5

    5ebe0fb8f6fc9f3c75ad6a83887b3318

  • SHA1

    4e56baee5a23f652a0bbefe27cb1c3f08b29dcf5

  • SHA256

    765665f9d417cdff6f99d7795bc7c9850ce8bf552c7b103dee32e24fcbe00145

  • SHA512

    0c72503d38d378ea191e6ec199684077848bc14451b4bfc42549f3928e9ef4df1b21e22552c2fe1a84296130432338bf3db5bf4957358aa2edbed1bddece1a0c

  • SSDEEP

    768:i7Wpq877b1/4R7tIghTN07yOxJgGlzDpOFw81:RvbuBIgh50yODVUWy

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

PUTIN

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Changes its process name (1 IoC)
  • Deletes itself (1 IoC)
  • Unexpected DNS network traffic destination (15 IoCs)

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes

  • /tmp/5ebe0fb8f6fc9f3c75ad6a83887b3318
    • Changes its process name
    • Deletes itself
    PID:701
