Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    09-04-2024 01:10

General

  • Target

    285b222be101fe8f373ad686b2dabc3e4ccf163aa0a9d3086652c30191800ac0.elf

  • Size

    32KB

  • MD5

    f6e459b58111b026baa1e169e61946d4

  • SHA1

    0350e4d13b0ff293c101044d414787416358ff94

  • SHA256

    285b222be101fe8f373ad686b2dabc3e4ccf163aa0a9d3086652c30191800ac0

  • SHA512

    5e359cb34db3d32d7a2e53c9bc878bd9a1eeb7a3e840f9cfe17d732802059b2d95893987b88476cdd146acbe537d7df4f81e9b7d55f97c8c3a42e2e7421f10de

  • SSDEEP

    768:oo/cTFN6eW5g0EzA/FywGG1oDyKkhSt7HRtb6wUVhBRIP3UR:oo86eW2CHGMgkhk7Hf5krRd

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/285b222be101fe8f373ad686b2dabc3e4ccf163aa0a9d3086652c30191800ac0.elf
    • Reads runtime system information
    PID:657

Network

MITRE ATT&CK Matrix

Downloads

  • memory/657-1-0x00008000-0x00023f68-memory.dmp