Analysis
-
max time kernel
0s -
platform
debian-9_armhf -
resource
debian9-armhf-20240226-en -
resource tags
arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system -
submitted
23-04-2024 11:29
General
-
Target
c309fccf2778c6d64295cd44d12c52ee.elf
-
Size
31KB
-
MD5
c309fccf2778c6d64295cd44d12c52ee
-
SHA1
00f8f0dcab5ffc000966f4ea77a911b46b4511e0
-
SHA256
b2c031423dd776d0123a68ffa795f8b1a132c499f1a2388a62e306723cafd33f
-
SHA512
b50406837d8308c0745a67b377a39491a43dbf2d76d4d232b984deed4593bb75a2d919f53777ef49655ea8a7889338679cdbca0c22e45f26fc489c911b71baed
-
SSDEEP
768:YEKkUgXAnURCr6HmDFStmYtl4c9q3UELdo:gkEn7uHEemE4lL+
Malware Config
Extracted
Family
mirai
Botnet
SORA
Signatures
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes:
c309fccf2778c6d64295cd44d12c52ee.elf
description: File opened for reading
ioc: /proc/self/exe
process: c309fccf2778c6d64295cd44d12c52ee.elf