Overview

overview

10

Static

static

7

a216c05b20...a1.elf

debian-9-armhf

10

Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    02-04-2024 01:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a216c05b201d5586208af929795cb944aa883aa8db9ba9c1b40df1a11ee3f8a1.elf

  • Size

    26KB

  • MD5

    cb6d04beddae662745e81aa5ecced571

  • SHA1

    0ba0614065a401c2282066e96a4c2ebef66e1134

  • SHA256

    a216c05b201d5586208af929795cb944aa883aa8db9ba9c1b40df1a11ee3f8a1

  • SHA512

    0c547986db1ff71821a4dc99a7ee4501cc826ec47666fec23be1d55e9918c8d562285c413813f1f32c930fed9fdf42fd2ef5bb804845c917a6880b2c439ce02b

  • SSDEEP

    768:YYIiyWMqFTKlQNV5qws9AO9fYBxDBs3UozY:YFiyWMqFTKlQ4v6OqdszY

Score
10/10
miraisorabotnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/a216c05b201d5586208af929795cb944aa883aa8db9ba9c1b40df1a11ee3f8a1.elf
    /tmp/a216c05b201d5586208af929795cb944aa883aa8db9ba9c1b40df1a11ee3f8a1.elf
    1⤵
    • Reads runtime system information
    PID:656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/656-1-0x00008000-0x00020e9c-memory.dmp

    Download