Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    25-03-2024 09:43

General

  • Target

    5f9fef533dda84f0ebecc09384cd1532.elf

  • Size

    26KB

  • MD5

    5f9fef533dda84f0ebecc09384cd1532

  • SHA1

    9a07dd01371b415cc3a021b3c1f25c8b933bca55

  • SHA256

    b44ff359df589bf0ffe7aca96439d35a4e51a8c0cc6d225a3ceffec2c26ed293

  • SHA512

    fe8576b07c3786725116736016484219d7fa7e7d6b56373daab40e3d6731d960dd861b2369fba506190a462d9c8cc0ca88a269d6f33c06ed9cf1f57fb9fc3cf0

  • SSDEEP

    768:JMKyhegCCMqfizjoNpd2vJdX6vwrCb9q3UELu4:OKy4qfqoeJdXWgC6Lh

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/5f9fef533dda84f0ebecc09384cd1532.elf
    • Reads runtime system information
    PID:662

Network

MITRE ATT&CK Matrix


Downloads

  • memory/662-1-0x00008000-0x000228c4-memory.dmp