Malware Analysis Report

2024-11-15 05:17

Sample ID 240423-jeng5see8y
Target d17a46e5e841c48a26f939a5fb157b78.elf
SHA256 9e4f2aa60c13a24ea4362fd2ff06f9886c9265b51afdea1c3a91d44a03856d9b
Tags
upx mirai mirai botnet
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

9e4f2aa60c13a24ea4362fd2ff06f9886c9265b51afdea1c3a91d44a03856d9b

Threat Level: Known bad

The file d17a46e5e841c48a26f939a5fb157b78.elf was found to be: Known bad.

Malicious Activity Summary

upx mirai mirai botnet

Mirai

UPX packed file

Reads runtime system information

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-04-23 07:35

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-23 07:35

Reported

2024-04-23 07:37

Platform

debian9-armhf-20240226-en

Max time kernel

0s

Command Line

[/tmp/d17a46e5e841c48a26f939a5fb157b78.elf]

Signatures

Mirai

botnet mirai

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/exe /tmp/d17a46e5e841c48a26f939a5fb157b78.elf N/A

Processes

/tmp/d17a46e5e841c48a26f939a5fb157b78.elf

[/tmp/d17a46e5e841c48a26f939a5fb157b78.elf]

Network

N/A

Files

memory/661-1-0x00008000-0x0002fb4c-memory.dmp