Malware Analysis Report

2025-03-15 02:12

Sample ID 240411-1l2rsaea38
Target 7dca7bb14b80c065cc161c5ee86fd90f.elf
SHA256 b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1
Tags
mirai botnet botnet upx
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

b6a7195124063e5604b8b58d2a3fc2a64a683fd1d561d5687d34861fea610cc1

Threat Level: Known bad

The file 7dca7bb14b80c065cc161c5ee86fd90f.elf was found to be: Known bad.

Malicious Activity Summary

mirai botnet botnet upx

Mirai

Modifies Watchdog functionality

UPX packed file

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-11 21:45

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-11 21:45

Reported

2024-04-11 21:47

Platform

debian12-mipsel-20240221-en

Max time kernel

2s

Command Line

[/tmp/7dca7bb14b80c065cc161c5ee86fd90f.elf]

Signatures

Mirai

botnet mirai

Modifies Watchdog functionality

Description Indicator Process Target
File opened for modification /dev/watchdog /tmp/7dca7bb14b80c065cc161c5ee86fd90f.elf N/A
File opened for modification /dev/misc/watchdog /tmp/7dca7bb14b80c065cc161c5ee86fd90f.elf N/A

Processes

/tmp/7dca7bb14b80c065cc161c5ee86fd90f.elf

[/tmp/7dca7bb14b80c065cc161c5ee86fd90f.elf]

Network

N/A

Files

memory/725-1-0x00400000-0x0042dc40-memory.dmp