Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    24-03-2024 07:30

General

  • Target

    378730f6eaf90a1ac6026cb740ce09ca.elf

  • Size

    33KB

  • MD5

    378730f6eaf90a1ac6026cb740ce09ca

  • SHA1

    8c9b5e904c3856540c2caf90aa7e16f74318ca7c

  • SHA256

    74a12c37da10a28d879a3a4517d63b91ea4e06df2cacdbe5722350f398ce3fe2

  • SHA512

    4356faf84787fdcd49b56a6fcc7590102688e96a29e333c73ad6c654d371f7c3086e59474e6ffdc69669dd6755e4972674f4114e9dcbe5d8f3c6ad88a66bf829

  • SSDEEP

    768:qu9YDJSsqL8dTvlz+kZaJftXp/KJxrKu+lmLSZn9i3ks9q3UELCK:qu9CgsqL8dTlqk41tXp/K/5+sLF3wLV

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/378730f6eaf90a1ac6026cb740ce09ca.elf
    /tmp/378730f6eaf90a1ac6026cb740ce09ca.elf
    • Reads runtime system information
    PID:635

Network

MITRE ATT&CK Matrix

Downloads

  • memory/635-1-0x00008000-0x0002df38-memory.dmp