Analysis

  • max time kernel
    149s
  • max time network
    6s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240226-en
  • resource tags

    arch:mipsel
    image:debian9-mipsel-20240226-en
    kernel:4.9.0-13-4kc-malta
    locale:en-us
    os:debian-9-mipsel
    system
  • submitted
    11-04-2024 01:24

General

  • Target

    704caef2e8472ed02ec43aab4f31fb34d7d651f0f2251db7b39495b6d530d9dd.elf

  • Size

    37KB

  • MD5

    3786674918d759ff44e3ebddad231071

  • SHA1

    b2b7be3f5392911aca7b902a1472dc171c72dcf5

  • SHA256

    704caef2e8472ed02ec43aab4f31fb34d7d651f0f2251db7b39495b6d530d9dd

  • SHA512

    6473808b1c964c4c7826cb9153cf357031755b3908dd24df42778985c9d4970c7df419347e92505e1b87f3f8f01138fbc6d8de6da865f5e07c8c4bfe34296aa6

  • SSDEEP

    768:ItB5dgXnbH/WqSA+v1uvDvfiORrHE6EQRW3F/fK:IRdGbHlT+NijfiwHYdF/S

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 20 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/704caef2e8472ed02ec43aab4f31fb34d7d651f0f2251db7b39495b6d530d9dd.elf
    /tmp/704caef2e8472ed02ec43aab4f31fb34d7d651f0f2251db7b39495b6d530d9dd.elf
    PID: 710

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/710-1-0x00400000-0x0042a918-memory.dmp