Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    22-03-2024 03:08

General

  • Target

    a13f113fee1063283c61d011bcfb5f6adc521c89e0ae3935284d5100a885a925.elf

  • Size

    26KB

  • MD5

    de63e890d6e8297013eae73c16f7b133

  • SHA1

    c3628366f57bdbc210190d82c324233ffa78a304

  • SHA256

    a13f113fee1063283c61d011bcfb5f6adc521c89e0ae3935284d5100a885a925

  • SHA512

    9625a118a06bcd1bbc0143161327e2b4426af849384bdc668ed1764deb8aedab13531cdb18e1864b9ce285bbd171ff6366637e37200e0b1868632ab1c61b5684

  • SSDEEP

    768:JMKyhegCCMqfizjoNpd2vJdX6vwrb9q3UELuW:OKy4qfqoeJdXWg6LD

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/a13f113fee1063283c61d011bcfb5f6adc521c89e0ae3935284d5100a885a925.elf
    • Reads runtime system information
    PID:664

Network

MITRE ATT&CK Matrix

Downloads

  • memory/664-1-0x00008000-0x000228c4-memory.dmp