Analysis
-
max time kernel
149s -
max time network
149s -
platform
debian-9_mipsel -
resource
debian9-mipsel-20240226-en -
resource tags
-
submitted
05/04/2024, 01:12
General
-
Target
33100452278d3d2e6857c61cd3f422547c1bab3395cb14a12eeba5bb1622e5c3.elf
-
Size
34KB
-
MD5
17a71b71e5c728e4394c067a196a6b7d
-
SHA1
644f071ab69638ab998403ed07f8131de6e1fdac
-
SHA256
33100452278d3d2e6857c61cd3f422547c1bab3395cb14a12eeba5bb1622e5c3
-
SHA512
e8e0912454e331619c6dbd64f470f389e7fc1be2999e66cb32711525a4f6fc1d9bd0c17691582a1738580464bfebf5901f8c45526bd912d22489f0cd58787357
-
SSDEEP
768:5uK/70MEG8bZTyA5PSfGM5Jzx5dZezxAllR8zqLWs:5VGG8l5PkR5VxotCT
Score
10/10
Malware Config
Signatures
-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Changes its process name 1 IoCs
-
Deletes itself 1 IoCs
-
Modifies Watchdog functionality 1 TTPs 2 IoCs
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Traces itself 1 IoCs
Traces itself to prevent debugging attempts
-
Writes file to system bin folder 1 TTPs 2 IoCs
Processes
-
/tmp/33100452278d3d2e6857c61cd3f422547c1bab3395cb14a12eeba5bb1622e5c3.elf/tmp/33100452278d3d2e6857c61cd3f422547c1bab3395cb14a12eeba5bb1622e5c3.elf1⤵
- Changes its process name
- Deletes itself
- Traces itself