Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    17-03-2024 04:23

General

  • Target

    ff4713d05420cc8c08bf15abc82384a6280938f1761aac0fe6835c4eca99fc68.elf

  • Size

    34KB

  • MD5

    e36a28046a094f40df25933aa0917ca0

  • SHA1

    3b1889eb7c8642056ce7b08d4b044238ff4f8c1f

  • SHA256

    ff4713d05420cc8c08bf15abc82384a6280938f1761aac0fe6835c4eca99fc68

  • SHA512

    ba20d588f1f374c15c77cd7224ef098de852192d9a7e56ae7444fb933876d84fbcaeeb999eaa122c16da1a600888382c38c6468f9a478d1fde10d70fcc3c3c80

  • SSDEEP

    768:MJA1XvCO2DESHcO8hI7YMtvi73My0OD7z16bm9q3UELCc:MWgO2DERO8XIC3Mi72Lf

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/ff4713d05420cc8c08bf15abc82384a6280938f1761aac0fe6835c4eca99fc68.elf
    • Reads runtime system information
    PID:639

Network

MITRE ATT&CK Matrix

Downloads

  • memory/639-1-0x00008000-0x0002c968-memory.dmp