General

  • Target

    nullnet_load.arm.elf

  • Size

    77KB

  • MD5

    56974d0cf5e92678ced4b18489b71dd8

  • SHA1

    d347d5f895c9fe6a881a1f7b0cb16ef8f982a573

  • SHA256

    f05d8912de2d67ce5ecdad9ae793f89d4f11158468a1b7300b05eea113c791a1

  • SHA512

    15ef449ae1e3b36211ce2969411fcc25c0f933553a1d93a1b701cdcd1afd654b5534318b58cddb18d27bd4ad4b96e2fad2399deaf5373f5198368312511469e5

  • SSDEEP

    1536:JQU5w0Jj8bvVQuHCmSbuLqY3BxXB8t46AqQviJj7s:JQCw0zuimKYjR843qmiJ3

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

ECCHI

C2

root.pizda.site

Signatures

  • Mirai family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • nullnet_load.arm.elf
    .elf linux arm