Analysis

  • max time kernel
    134s
  • max time network
    68s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20231221-en
  • resource tags

    arch:armhf, image:debian9-armhf-20231221-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    12-02-2024 03:54

General

  • Target

    413f6ae2ea591c8aed836276fca58e2b1d0bcde3a49e77b5b754c21782fe0af1.elf

  • Size

    59KB

  • MD5

    4105f2c2905284f128a6757b4cda86cc

  • SHA1

    3f134913325aafa87a7b36e97f5e9e718a1610b1

  • SHA256

    413f6ae2ea591c8aed836276fca58e2b1d0bcde3a49e77b5b754c21782fe0af1

  • SHA512

    df4bec3c3549b559a146a98f13bcd78c16d497cf0b20a251398439c02105df6b1116729595eb57b47fcde3c416efbe7a5245dfce09636fd527d6c7d8caa27fde

  • SSDEEP

    1536:9/ogOs93N6BkMaELdLqo+8ASRRaEtyb3iGXI/afibh5nS+E:9/h9d6KMaENh9eEty54/afibXnlE

Score
10/10

Malware Config

Extracted

Family

mirai

C2

scan.rebirthltd.top

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Deletes itself (1 IoC)

    The running process unlinks its own on-disk binary, so the file is gone while the process continues (its /proc/<pid>/exe link reads as "(deleted)").

  • Reads runtime system information (3 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/413f6ae2ea591c8aed836276fca58e2b1d0bcde3a49e77b5b754c21782fe0af1.elf
    Command line: /tmp/413f6ae2ea591c8aed836276fca58e2b1d0bcde3a49e77b5b754c21782fe0af1.elf
    PID: 667
    • Deletes itself
    • Reads runtime system information
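The two host-side behaviours in this report (a process whose /tmp binary has been unlinked, and the extracted C2 domain scan.rebirthltd.top) are the parts a responder can check for on their own fleet. The helpers below are an added example, not tooling from the sandbox or from the report; they assume a Linux host (they read /proc, the same filesystem the "Reads runtime system information" signature refers to), and the dnsmasq-style DNS log lines they scan are constructed here, not captured from the sample.

```python
"""Host and DNS checks for the indicators in this report.

Added example, not part of the sandbox report. Assumptions:
 - Linux host: /proc/<pid>/exe is a symlink that ends in " (deleted)" once the
   executable has been unlinked while the process is still running.
 - The DNS log lines below are constructed in dnsmasq's query format.
"""
import hashlib
import os
import re

# Indicators copied from the report above.
REPORT_MD5 = "4105f2c2905284f128a6757b4cda86cc"
REPORT_SHA256 = "413f6ae2ea591c8aed836276fca58e2b1d0bcde3a49e77b5b754c21782fe0af1"
C2_DOMAIN = "scan.rebirthltd.top"

DELETED_SUFFIX = " (deleted)"


def digests(chunks):
    """Return (md5, sha256) hex digests over an iterable of byte chunks."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    for block in chunks:
        md5.update(block)
        sha256.update(block)
    return md5.hexdigest(), sha256.hexdigest()


def file_hashes(path, chunk=1 << 16):
    """Stream a file through digests() so large samples do not load into RAM."""
    with open(path, "rb") as fh:
        return digests(iter(lambda: fh.read(chunk), b""))


def matches_report(path):
    """True if the file at `path` is the sample this report describes."""
    md5, sha256 = file_hashes(path)
    return md5 == REPORT_MD5 and sha256 == REPORT_SHA256


def is_deleted_exe(exe_link):
    """The 'Deletes itself' signature, seen from the host: the readlink()
    result for /proc/<pid>/exe carries a ' (deleted)' suffix."""
    return exe_link.endswith(DELETED_SUFFIX)


def find_deleted_exes(proc="/proc"):
    """Return (pid, original_path) for live processes whose binary is gone."""
    hits = []
    for entry in os.listdir(proc):
        if not entry.isdigit():
            continue
        try:
            target = os.readlink(os.path.join(proc, entry, "exe"))
        except OSError:  # kernel thread, process already exited, or no permission
            continue
        if is_deleted_exe(target):
            hits.append((int(entry), target[: -len(DELETED_SUFFIX)]))
    return hits


def suspicious_deleted(hits, dirs=("/tmp", "/dev/shm", "/var/tmp")):
    """Keep only binaries that ran from world-writable directories. Package
    upgrades also leave '(deleted)' exes behind (an old /usr/bin/sshd, say),
    so the path filter is what separates the sample's /tmp drop from noise."""
    return [hit for hit in hits if hit[1].startswith(dirs)]


# dnsmasq query line: "query[A] example.com from 192.0.2.1"
DNS_LINE = re.compile(r"query\[(?P<qtype>[A-Z]+)\] (?P<name>\S+) from (?P<src>\S+)")


def c2_lookups(log_lines, domain=C2_DOMAIN):
    """Return (source_ip, queried_name) for every lookup of the C2 domain or
    a name under it; case and trailing dot are normalised before comparing."""
    out = []
    for line in log_lines:
        match = DNS_LINE.search(line)
        if not match:
            continue
        name = match.group("name").rstrip(".").lower()
        if name == domain or name.endswith("." + domain):
            out.append((match.group("src"), name))
    return out


# Constructed log lines for demonstration; not captured from the sample.
SAMPLE_LOG = [
    "Feb 12 03:55:01 dnsmasq[812]: query[A] scan.rebirthltd.top from 192.168.1.37",
    "Feb 12 03:55:02 dnsmasq[812]: query[A] deb.debian.org from 192.168.1.37",
    "Feb 12 03:55:09 dnsmasq[812]: query[AAAA] SCAN.rebirthltd.top. from 192.168.1.37",
]

if __name__ == "__main__":
    print("C2 lookups:", c2_lookups(SAMPLE_LOG))
    print("deleted exes in temp dirs:", suspicious_deleted(find_deleted_exes()))
```

Run it as root on a suspect device to see every live process whose binary has been removed; on a clean box the list is usually empty or consists of daemons that were upgraded in place, which is why `suspicious_deleted()` narrows to the temp directories the sample used.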

Network

MITRE ATT&CK Matrix


Downloads

  • memory/667-1-0x00008000-0x0002aa3c-memory.dmp