Analysis
-
max time kernel
0s -
platform
debian-9_armhf -
resource
debian9-armhf-20240226-en -
resource tags
arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system -
submitted
07-03-2024 14:25
General
-
Target
b8f289fadbf32bcd3c562041c6b84f34a38370938140b125d692e2ff46375422
-
Size
27KB
-
MD5
c29b134b03dfaa86b3dfd4f680600ea2
-
SHA1
d7bb6a336524fdaecbb5a30fc112b762504e6cec
-
SHA256
b8f289fadbf32bcd3c562041c6b84f34a38370938140b125d692e2ff46375422
-
SHA512
6facb2205e6d991e4456f389c24daa439bc9c0c96cfc8743d553155e56c1944284140bd92f98189c896dcbb962eb01f492c75449e47fca850c12bab08a193afd
-
SSDEEP
768:9ZqbD9poewFRgjRm6O7NxKnSXQnqgfs3Uozo:9s/9KgV+jDXQqvzo
Malware Config
Extracted
Family
mirai
Botnet
SORA
Signatures
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes:
b8f289fadbf32bcd3c562041c6b84f34a38370938140b125d692e2ff46375422
description | ioc | process
File opened for reading | /proc/self/exe | b8f289fadbf32bcd3c562041c6b84f34a38370938140b125d692e2ff46375422