Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    05-03-2024 02:15

General

  • Target

    458f9e8e6a53bee0facee1e9b548aaa0223c628a2e19c8b79cc2ca2478947fc4.elf

  • Size

    31KB

  • MD5

    dea5b74d346f5ff493e08ec3bd1aa4ab

  • SHA1

    1bf1a1a0c2b892f893f915da35f16dd63c265fbb

  • SHA256

    458f9e8e6a53bee0facee1e9b548aaa0223c628a2e19c8b79cc2ca2478947fc4

  • SHA512

    023fb04d9a8288967a7f1bb356b3dccce5f1af457df4193cd0d358f92ad8fbf6c661420ee1d497b70f1e4200e21e67efceb9d3fbb5893e9800beb91c7d8bf7c3

  • SSDEEP

    768:x8Lm6COq1fewdHy62pud4yNOYSOyB8LrUW9q3UELdC:iLJCmjpkcMKUULU

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/458f9e8e6a53bee0facee1e9b548aaa0223c628a2e19c8b79cc2ca2478947fc4.elf
    /tmp/458f9e8e6a53bee0facee1e9b548aaa0223c628a2e19c8b79cc2ca2478947fc4.elf
    • Reads runtime system information
    PID:663

Network

MITRE ATT&CK Matrix


Downloads

  • memory/663-1-0x00008000-0x0002da90-memory.dmp