Overview

overview

10

Static

static

7

159acf9dac...1e.elf

ubuntu-20.04-amd64

10

Analysis

  • max time kernel
    149s
  • max time network
    132s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240221-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
  • submitted
    12-03-2024 04:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    159acf9dac405bc4087753c001694f143b2167e10880c10749eaa2b90f293a1e.elf

  • Size

    21KB

  • MD5

    d5090bfb4c171c6aa9cd433283274b6d

  • SHA1

    f1a838c25a5ce0eb4f2eddaae477abb0b09411a5

  • SHA256

    159acf9dac405bc4087753c001694f143b2167e10880c10749eaa2b90f293a1e

  • SHA512

    958a12357949975e8b67f17816a38fc8f99f04865b958cc21ddcb3adefeae22a314efc0ccf2bed22bc52a5a8076f102bdc17b285192778830e6dbda69d685bc3

  • SSDEEP

    384:MgnLpj8s/qPui8uZxoIA57RWQjJiEVi+ZkXadEg6LFUamvF0jsyV3bh/mGWxdxSo:J98o08kxofBE+ZkXauk1KxlmGWxdf7

Score
10/10
mirailzrdbotnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/159acf9dac405bc4087753c001694f143b2167e10880c10749eaa2b90f293a1e.elf
    /tmp/159acf9dac405bc4087753c001694f143b2167e10880c10749eaa2b90f293a1e.elf
    1⤵
      PID:1465

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1465-1-0x0000000008048000-0x00000000080547a0-memory.dmp

      Download