Analysis
-
max time kernel
0s -
platform
debian-9_armhf -
resource
debian9-armhf-20240226-en -
resource tags
arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system -
submitted
25-03-2024 09:43
General
-
Target
5f9fef533dda84f0ebecc09384cd1532.elf
-
Size
26KB
-
MD5
5f9fef533dda84f0ebecc09384cd1532
-
SHA1
9a07dd01371b415cc3a021b3c1f25c8b933bca55
-
SHA256
b44ff359df589bf0ffe7aca96439d35a4e51a8c0cc6d225a3ceffec2c26ed293
-
SHA512
fe8576b07c3786725116736016484219d7fa7e7d6b56373daab40e3d6731d960dd861b2369fba506190a462d9c8cc0ca88a269d6f33c06ed9cf1f57fb9fc3cf0
-
SSDEEP
768:JMKyhegCCMqfizjoNpd2vJdX6vwrCb9q3UELu4:OKy4qfqoeJdXWgC6Lh
Malware Config
Extracted
Family
mirai
Botnet
LZRD
Signatures
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes:
5f9fef533dda84f0ebecc09384cd1532.elf
description: File opened for reading
ioc: /proc/self/exe
process: 5f9fef533dda84f0ebecc09384cd1532.elf