Overview

overview

10

Static

static

7

956d5ed211...ea.elf

debian-9-armhf

10

Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    18-03-2024 02:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    956d5ed2118e80bb104ffda0fe580e151f3e94b6adfe89472a733c839eeeb8ea.elf

  • Size

    32KB

  • MD5

    4b71440572c1d90fa55b3eb53d329e07

  • SHA1

    a0beea2c84618af0b0edc4efffa98140d3c1010f

  • SHA256

    956d5ed2118e80bb104ffda0fe580e151f3e94b6adfe89472a733c839eeeb8ea

  • SHA512

    2b959dbd257384f1a7cbc4d31e50e47ed55530a07c264a4d1f06c9aa2afd2c2704d45ebbb498c57232cb9e1831b0e2db5a84a9900e48c19f047d17f036fa23d8

  • SSDEEP

    768:1oiWiO031vpAPbrVWZK3XVGxm9XMNk9q3UEL5It:1orm1vpALgUJ2NLS

Score
10/10
miraisorabotnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/956d5ed2118e80bb104ffda0fe580e151f3e94b6adfe89472a733c839eeeb8ea.elf
    /tmp/956d5ed2118e80bb104ffda0fe580e151f3e94b6adfe89472a733c839eeeb8ea.elf
    1⤵
    • Reads runtime system information
    PID:676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/676-1-0x00008000-0x0002db18-memory.dmp
    Download