Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    23-04-2024 07:35

General

  • Target

    d17a46e5e841c48a26f939a5fb157b78.elf

  • Size

    38KB

  • MD5

    d17a46e5e841c48a26f939a5fb157b78

  • SHA1

    98d779e91b211114c9b23d106564b22826e1bfd0

  • SHA256

    9e4f2aa60c13a24ea4362fd2ff06f9886c9265b51afdea1c3a91d44a03856d9b

  • SHA512

    f4ec8941547c0a067d7d4cbfe6baf5c74860a0ede62b5dcec8a14500abe3cc6a26ef96c0b07b2257862c0683c249e1ece0190f7248b348108060bfd830dc455a

  • SSDEEP

    768:83wtVFVcC13v7Zi52F5bOmO+8UpY765qh3OrmmWJNXCq3UInb:8AtVFVhzoCOmpNaIyFb

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/d17a46e5e841c48a26f939a5fb157b78.elf
    • Reads runtime system information
    PID:661

Network

MITRE ATT&CK Matrix


Downloads

  • memory/661-1-0x00008000-0x0002fb4c-memory.dmp