Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231221-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20231221-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    12/02/2024, 03:52

General

  • Target

    e021c2c2182b81855d79fdbd5cede333d5b8dbc5d007b59eb34da43f917dd35e.elf

  • Size

    36KB

  • MD5

    e836010c80b736dfa06e5e6cd8ec6ca3

  • SHA1

    868f28e8787112ec88a9973ff310df55b4d5687b

  • SHA256

    e021c2c2182b81855d79fdbd5cede333d5b8dbc5d007b59eb34da43f917dd35e

  • SHA512

    ce0a957f876083663ddafe1c5d1ae9cfa9e7ea50c4de2c613fff95aa3d1c8c502425f8b41364311aad7fe7b4904470690aebc167ed5ecbca0f09da026aded394

  • SSDEEP

    768:y2579LO+NfzGkpWgxBnV3h+CxJ2l6GHSav9fv9sPVhL:y27ycfJWIr+MJ2l6bapFuVhL

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

BOTNET

C2

scan.rebirthltd.top

194.169.175.3

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Changes its process name (1 IoC)
  • Deletes itself (1 IoC)
  • Reads runtime system information (2 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/e021c2c2182b81855d79fdbd5cede333d5b8dbc5d007b59eb34da43f917dd35e.elf
    • Changes its process name
    • Deletes itself
    • Reads runtime system information
    PID:1553

Network

MITRE ATT&CK Matrix
