Overview

overview

10

Static

static

7

506b6bd772...3e.elf

debian-9-mipsel

10

Analysis

  • max time kernel
    149s
  • max time network
    8s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240226-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    21-03-2024 06:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    506b6bd772cf7c7c626b6e0b2aa1ab3e.elf

  • Size

    24KB

  • MD5

    506b6bd772cf7c7c626b6e0b2aa1ab3e

  • SHA1

    17d13940a7a4f612253297475402d895d2bb6a72

  • SHA256

    f4460cc2638b270de3f888fe61f4e7709055c00e2e889c27af7ae732fbb5b288

  • SHA512

    fe6ef0a248c5dab5d20efe3d80b2d65b4cc3157f9c7202b8af184f9108e398e27243c602e3bf3501c05cad48afa88a5e845c71de8a911db82e117b9587bb5e9f

  • SSDEEP

    768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpSZqSWvQ:4QlS07FUXqIYSXQKqu2qo

Score
10/10
mirailzrdbotnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 26 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/506b6bd772cf7c7c626b6e0b2aa1ab3e.elf
    /tmp/506b6bd772cf7c7c626b6e0b2aa1ab3e.elf
    1⤵
      PID:701

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/701-1-0x00400000-0x00452a58-memory.dmp

      Download